www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ri=795dd5943d1cab34578def23a3d63fb2&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&it=text&ii=~~V1~~5777842085840832953~~hx51sKnUfppXq9D71xIwxKV-VfXJ-L6sq4p1nSeJ3fB9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l146VGrXJTnLkZ90Wf1nL25Lzy7jFgxFtPJ5FDFM47FzCNjRNdd_XnOEXRbg3AZ2kpe-65zkV78rjshJiXh_VPjCjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=496f35c4f114ff45b63b82f18c169e38a2d3c57ff80c&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN107001.3911388TABOOLACH%2FB29068018.355025866%3Bdc_trk_aid%3D545989045%3Bdc_trk_cid%3D183186606%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1%3Ftblci%3DGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iDM2VUo9cT-gu_9gcpN%23tblciGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iDM2VUo9cT-gu_9gcpN&vi=1696251411444&p=admazingag-thurgautravel-sc&r=55&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ppb=COIB&cpb=EhIyMDIzMTAwMi01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNDiApJqXDECy0A1IvogQUNPb2QNY____________AWMI1koQw2IYMGRjCLNGEIJdGDJkYwj-__________8BEP7__________wEYAmRjCM3__________wEQzf__________ARgzZGMI1xYQ1B8YI2RjCLJJEPZgGBRkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCO8DEIsHGAlkYwjh__________8BEOH__________wEYH2RjCKQnEIo1GC9keAGAAQKIAcmCjEmQARyYAe342YOvMQ&cta=true
Title: Mehr erfahren

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ri=195919c337c389663e76fa9f5d1f95eb&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&it=text&ii=~~V1~~717478354296204053~~21GWygqTAcef-ww02KZyy6V-VfXJ-L6sq4p1nSeJ3fB9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15EXbuS8jkQX0nUuhwc1s0Nzy7jFgxFtPJ5FDFM47FzCNjRNdd_XnOEXRbg3AZ2kpe-65zkV78rjshJiXh_VPjCjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=8f32e010a15b4a2f79925fa73209bf5840c7eda32d4f&redir=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackclk%2FN107001.3911388TABOOLACH%2FB29068018.355025866%3Bdc_trk_aid%3D565248756%3Bdc_trk_cid%3D183186606%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bltd%3D%3Bdc_tdv%3D1%3Ftblci%3DGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iDM2VUop-7eseX1uIq5AQ%23tblciGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iDM2VUop-7eseX1uIq5AQ&vi=1696251411444&p=admazingag-thurgautravel-sc&r=28&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ppb=CIME&cpb=EhIyMDIzMTAwMi01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNDiApJqXDECy0A1IvogQUNPb2QNY____________AWMI1koQw2IYMGRjCLNGEIJdGDJkYwj-__________8BEP7__________wEYAmRjCM3__________wEQzf__________ARgzZGMI1xYQ1B8YI2RjCLJJEPZgGBRkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCO8DEIsHGAlkYwjh__________8BEOH__________wEYH2RjCKQnEIo1GC9keAGAAQKIAcmCjEmQARyYAe342YOvMQ&cta=true
Title: Mehr erfahren

URL: https://1bb4fd.pzzqvpjlfkbmb.com/
Title: Online Dating | Suchanzeigen

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ri=195919c337c389663e76fa9f5d1f95eb&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&it=text&ii=~~V1~~-6944875372939894569~~pFVJpkoyRIHJzmZy9yX25vs2gFSZwEVWzrfchX0QOt5yNpbgedRdYuhjTdtdbeHkkVNSC6iaJPmSgK6YU1G_ng3k4Thh40qKgdVK-XcFVtruO4bb3BEYh5xrSGsTgv7bAk_lec0llvjGi9jky85CbE2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=d267624ea072af46b1b7ec685372e9892e65cc9d704e&redir=https%3A%2F%2F1bb4fd.pzzqvpjlfkbmb.com%3Fsubid1%3D26982007%26subid2%3D3724345708%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iCLo1won9qahr3GzrIn%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DTreffe%2BSingle%2BFrauen%2Baus%2BCarouge%26click_id%3DGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iCLo1won9qahr3GzrIn%26dpco%3D1%26tblci%3DGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iCLo1won9qahr3GzrIn%23tblciGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iCLo1won9qahr3GzrIn&vi=1696251411444&p=happystory-onlinedatingpr&r=27&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ppb=CIME&cpb=EhIyMDIzMTAwMi01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNDiApJqXDECy0A1IvogQUNPb2QNY____________AWMI1koQw2IYMGRjCLNGEIJdGDJkYwj-__________8BEP7__________wEYAmRjCM3__________wEQzf__________ARgzZGMI1xYQ1B8YI2RjCLJJEPZgGBRkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCO8DEIsHGAlkYwjh__________8BEOH__________wEYH2RjCKQnEIo1GC9keAGAAQKIAcmCjEmQARyYAe342YOvMQ&cta=true
Title: Jetzt Suchen

URL: https://2mbxk5.llsdzktnxwnnr.com/
Title: Außensauna | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

URL: https://foreclosed-homes-ch.com/
Title: Zwangsversteigerte Häuser | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ri=eddac3909c4d98c98031555af5d74966&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&it=text&ii=~~V1~~-2877255125662599133~~ogPSloirPDK98pql19qnuZTF2e7JnOE0JsX-wCqfbop9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15l1mVd4DmaUfz5E2bcg-knGyY8m_OuVBytqU70QOUx8im6c-n9v_EKnUJWUIcRxLSuqrXaF91ECuaZGJCN7Nx1UUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=dd375c36ece6bf0f2d92a65c03d8d7a58adc1971e50f&redir=https%3A%2F%2Fforeclosed-homes-ch.com%3Fsub1%3D27205302---delimjuwe---3727235743%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iD0wmEoz7-4gNeE58wu%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DCarouge%253A%2BZwangsversteigerte%2BH%25C3%25A4user%2Bwerden%2Bfast%2Ban%2Bjeden%2Bvergeben%23tblciGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iD0wmEoz7-4gNeE58wu&vi=1696251411444&p=ajaskagmbh-search-sedo-foreclosedhomes-sc&r=48&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ppb=CN0D&cpb=EhIyMDIzMTAwMi01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNDiApJqXDECy0A1IvogQUNPb2QNY____________AWMI1koQw2IYMGRjCLNGEIJdGDJkYwj-__________8BEP7__________wEYAmRjCM3__________wEQzf__________ARgzZGMI1xYQ1B8YI2RjCLJJEPZgGBRkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCO8DEIsHGAlkYwjh__________8BEOH__________wEYH2RjCKQnEIo1GC9keAGAAQKIAcmCjEmQARyYAe342YOvMQ&cta=true
Title: Jetzt Suchen

URL: https://fit-und-mental.de/sein-sternzeichen-verraet-das-findet-er-richtig-nervend-an-dir/2/
Title: Fit & Mental

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ri=5c998f60b84486530a38f6df9f1b1460&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&it=text&ii=~~V1~~-6944875372939894569~~DH177Cv_WpmOT6IDZ_qk8fs2gFSZwEVWzrfchX0QOt5yNpbgedRdYuhjTdtdbeHkMimiSNEhmdNXWfo7jHlSEQ3k4Thh40qKgdVK-XcFVtruO4bb3BEYh5xrSGsTgv7bAk_lec0llvjGi9jky85CbE2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=1bc3075f514336199aeb0b38a567735c7ad7c65a6271&redir=https%3A%2F%2F1bb4fd.pzzqvpjlfkbmb.com%3Fsubid1%3D26982007%26subid2%3D3724345708%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iCLo1wo1PnehKKf-J1E%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DTreffe%2BSingle%2BFrauen%2Baus%2BCarouge%26click_id%3DGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iCLo1wo1PnehKKf-J1E%26dpco%3D1%26tblci%3DGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iCLo1wo1PnehKKf-J1E%23tblciGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iCLo1wo1PnehKKf-J1E&vi=1696251411444&p=happystory-onlinedatingpr&r=9&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ppb=CMIE&cpb=EhIyMDIzMTAwMi01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNDiApJqXDECy0A1IvogQUNPb2QNY____________AWMI1koQw2IYMGRjCLNGEIJdGDJkYwj-__________8BEP7__________wEYAmRjCM3__________wEQzf__________ARgzZGMI1xYQ1B8YI2RjCLJJEPZgGBRkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCO8DEIsHGAlkYwjh__________8BEOH__________wEYH2RjCKQnEIo1GC9keAGAAQKIAcmCjEmQARyYAe342YOvMQ&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ri=04cc31942289fe19e1d4c0c7f891dabd&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&it=text&ii=~~V1~~-2877255125662599133~~ogPSloirPDK98pql19qnuZTF2e7JnOE0JsX-wCqfbop9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15Lu2p_FapL58U7V-zQVIzMGyY8m_OuVBytqU70QOUx8im6c-n9v_EKnUJWUIcRxLSuqrXaF91ECuaZGJCN7Nx1UUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=180dbd3b2ed86a23d7c27b32dfba33706dfc944efb3d&redir=https%3A%2F%2Fforeclosed-homes-ch.com%3Fsub1%3D27205302---delimjuwe---3727235743%26sub2%3D1524057---delimjuwe---palmate-bg3co%26sub3%3Dtaboola-GiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iD0wmEo1LuOy_-PzpEf%26network%3Dtaboola%26site%3D1524057_palmate-bg3co%26adtitle%3DCarouge%253A%2BZwangsversteigerte%2BH%25C3%25A4user%2Bwerden%2Bfast%2Ban%2Bjeden%2Bvergeben%23tblciGiCFK0DIBxspkp68-Uz_mqVy1tdMsdyk3d_9syH74v1q-iD0wmEo1LuOy_-PzpEf&vi=1696251411444&p=ajaskagmbh-search-sedo-foreclosedhomes-sc&r=13&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ppb=CLcG&cpb=EhIyMDIzMTAwMi01LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDEwNDiApJqXDECy0A1IvogQUNPb2QNY____________AWMI1koQw2IYMGRjCLNGEIJdGDJkYwj-__________8BEP7__________wEYAmRjCM3__________wEQzf__________ARgzZGMI1xYQ1B8YI2RjCLJJEPZgGBRkYwjSAxDgBhgIZGMIlhQQmBwYGGRjCO8DEIsHGAlkYwjh__________8BEOH__________wEYH2RjCKQnEIo1GC9keAGAAQKIAcmCjEmQARyYAe342YOvMQ&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 44

https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CLSmk_e014EDFTaf_Qcd_isKXw;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co

Request Chain 48

https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=COiok_e014EDFcvLEQgd5-oFHg;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co

Request Chain 168

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 227

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=48461918-1765-42ad-b960-8188df040c1b&google_hm=NDg0NjE5MTgtMTc2NS00MmFkLWI5NjAtODE4OGRmMDQwYzFi HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBmaBj6MheGDpUPFiTDHuVo&google_cver=1&ssp=themediagrid&bsw_param=48461918-1765-42ad-b960-8188df040c1b

Request Chain 234

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LN8WAN9V-17-IY34 HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LN8WAN9V-17-IY34 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/24a140b9-aa69-32bc-90cb-1a9a7c316476?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-aHH77PhE2oUXclcpoqCOgUj6ZTfIn8wXaYphK54-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 236

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/auXjoJ8NuxJHJKoLOsR_Ycn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-blB5jKhE2oIMEUZUYNq_MJK8pgvIXKRCDZ.6Rg--~A

Request Chain 237

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IsE59FNwS0eY18VMm6NpNA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IsE59FNwS0eY18VMm6NpNA

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJvvgjdVWkat7GAjiTSsCBk&google_cver=1

Request Chain 239

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE44V0FOOVYtMTctSVkzNA== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENvlZL83oixNm0kyff7mi2k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE44V0FOOVYtMTctSVkzNA==&google_push=

Request Chain 240

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Request Chain 241

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGUzNGVjMzUyZjUwMjExMzEzZWVmM2UxOGEyZTA3MzU3OTI5M2MxMQ

Request Chain 242

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN8WAN9V-17-IY34

Request Chain 244

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABvPE7KNXwAABgcc-dC6g&expires=30

Request Chain 245

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LN8WAN9V-17-IY34&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LN8WAN9V-17-IY34&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LN8WAN9V-17-IY34&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sVHBMS2Z0RTJ1RTFYMVlZQU5JYVFnTmxXUWluUHFMSH5B&ovsid=LN8WAN9V-17-IY34&dpid=58160

Request Chain 246

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d7ba4241-f78a-48bc-8562-90ef331d5e2e&expires=30

Request Chain 247

https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN8WAN9V-17-IY34

Request Chain 251

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjvxy1Re4OBRMLxtH49jE0&google_cver=1

Request Chain 252

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRq.FwGx7EBbbpg2QLa.1gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjvxy1Re4OBRMLxtH49jE0&google_cver=1&google_hm=2

Request Chain 253

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 254

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEIcRit6wE0mL-8jtnWMQMmg&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEIcRit6wE0mL-8jtnWMQMmg&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=da21f3f547511a22967b5b8f53711a83&uid=da21f3f547511a22967b5b8f53711a83&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOcXNXIFAmKVxKovVdye3X4&gdpr=0&google_cver=1 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOcXNXIFAmKVxKovVdye3X4&gdpr=0&google_cver=1&ang_testid=1

Request Chain 260

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1696244215&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696251414763&bpp=440&bdt=2152&idt=983&shv=r20230927&mjsv=m202309210101&ptt=5&saldr=sd&cookie=ID%3Dfa20ea4f4b947fe9%3AT%3D1696251412%3ART%3D1696251412%3AS%3DALNI_MY3WyBgoQhhotIy-xMkHhmHMxXBIQ&gpic=UID%3D00000c8a4aee29c9%3AT%3D1696251412%3ART%3D1696251412%3AS%3DALNI_MbiYfhUqktB9sCoxfRQ7TnVFnA0Yw&correlator=6533125160675&frm=23&ife=1&pv=2&ga_vid=1566437459.1696251412&ga_sid=1696251416&ga_hid=1194571840&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1997&biw=1600&bih=1200&isw=336&ish=280&ifk=3701905200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31078144%2C44798934%2C31078301%2C21065725&oid=2&pvsid=4456811993751838&tmod=968547294&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lxtdykkybe8d&btvi=1&fsb=1&dtd=1007 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 263

https://hal900012.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=8c95f1c56d&subid=&uid=d31605fb445d4b02&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4h2QFb4aZb3MOpio7gP1hqqADZHB0Jtp2--DktwP8C4QASC6hMAzYPWNu4GYBMgBCakCa1rdVkKusT6oAwHIA5sEqgSWAk_QSq0r3d0lwJZcH9I8umsEPjNJ2tcuRHt93BHH_4YhjW4YqAcO2zdDAsiGop7wKkDboGCkszXZV19PA8shcU4S2wdwM7UWUu80Fh2LC95GcrxJ_lYbG0_-U1n_AzB7aGH0_VWmd-iqvCGJLvisXJ_3sPbNI0PI7Ak1JW2_9UXoA074YMyEy9g3wHJWPqFPWnVZhHE1qP1-cMXKtRvIcDMYB1DUQ15gLk63IGyb5cQZ0m22w6BbMrG93g4cl-boTCDzJoooMksdDJ4mBA1smHX2PSeXj5RKmrzDG-kSj77ofjoxYLKgAEJra1tAKyjrTQnvgmxbSuSWWkwviX4fmKW46Jr7oC9tfoJiJLIm-jgVoIZLkWNDwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCIvt6Pe014EDFRiUewoddYMK0LATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI_arq97TXgQMVGJR7Ch11gwrQEAEYASAAEgIk6vD_BwE%26num%3D1%26cid%3DCAQSPADICaaNAnQGTaholQawmYSHt_SJ10qki2jy8BdJlaQwu7ap5bgBiA6VJxo1672L-m2xu3vBBYQi4W6RQRgB%26sig%3DAOD64_1MQCvSghrwL55PkYBfFO7pb_FUWA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcxP5vu4DAG3OdvYZ8JyLrfFm-DB30q4zTIGBj_y0IH-EtlBuCf23PcG0Qt_CBF2BOGhTyeQ-pdRNj22InxbFk3bht2zNOie0E_gg_scGUmhopy8Vzz4ECJioWpF_OE-RR_x_sruNnQ_tQ-jRDO3jGvebYiOb8cPJoiX7yWmSOr8USaAE%26cry%3D1%26dbm_d%3DAKAmf-AExXsM6BMgLkmRlri7TW3UxwTeVryf_rP8o6m63iruEBPxTaopMOG3Q_EqX45L-Ftm4XvTr8-04RRd3uawV2Yn2GGo3FiMKNh2mW0FaNdUuM77VJ-xVJv48z25yyktSE4L1lHyqA3mYt7IzCUfSWZO6r6fn7HLVdnHgfw6_i4zr4SLfDJcOpSRr75fq36Er2u8mvBsih7TzJKmRNMSa0g2OkTEeInO_u0dGFb3qZq9e2NOg5cb1u2QFlsAYZBrwqt6J7NvvLayqIjgALukN4lSIwHxew6AoRDmgSvPk3pfBRGyWuBmxmiWxF8gXJjaIDnIpG5k10YwfWzZFOvX4dgQZXmDaMu1sxX3aD8B9SmlYmmkgrq0OmeGFlJoC81VRrHo0B7xREKHJJEoHEaliwvuoRdPQ6h8BqBvebJfPb0kfch3hlutREhb9zujS59Pt22yUCZVUnhjpkrIeN7dBFYTIdbB2hVzwKcgSKlpQtT07r9sWz-mTA7CwbXrQYZ8d4irg2IE0sE-cCNzWEu_0RQjiIDo9z26gnfW3oY8iO3nzgUAOfO6nGSi61mTMgLNmavavXTh38TLUTJsp2SeKo2ObbVTfi-zfh4oHFrkLjXqtZkuskz2VNP43sBds2e5KFX6QyvNZEyS8-KEFoHewx9BjX8VhQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6166249157152&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900012.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=8c95f1c56d&subid=&uid=d31605fb445d4b02&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4h2QFb4aZb3MOpio7gP1hqqADZHB0Jtp2--DktwP8C4QASC6hMAzYPWNu4GYBMgBCakCa1rdVkKusT6oAwHIA5sEqgSWAk_QSq0r3d0lwJZcH9I8umsEPjNJ2tcuRHt93BHH_4YhjW4YqAcO2zdDAsiGop7wKkDboGCkszXZV19PA8shcU4S2wdwM7UWUu80Fh2LC95GcrxJ_lYbG0_-U1n_AzB7aGH0_VWmd-iqvCGJLvisXJ_3sPbNI0PI7Ak1JW2_9UXoA074YMyEy9g3wHJWPqFPWnVZhHE1qP1-cMXKtRvIcDMYB1DUQ15gLk63IGyb5cQZ0m22w6BbMrG93g4cl-boTCDzJoooMksdDJ4mBA1smHX2PSeXj5RKmrzDG-kSj77ofjoxYLKgAEJra1tAKyjrTQnvgmxbSuSWWkwviX4fmKW46Jr7oC9tfoJiJLIm-jgVoIZLkWNDwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCIvt6Pe014EDFRiUewoddYMK0LATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI_arq97TXgQMVGJR7Ch11gwrQEAEYASAAEgIk6vD_BwE%26num%3D1%26cid%3DCAQSPADICaaNAnQGTaholQawmYSHt_SJ10qki2jy8BdJlaQwu7ap5bgBiA6VJxo1672L-m2xu3vBBYQi4W6RQRgB%26sig%3DAOD64_1MQCvSghrwL55PkYBfFO7pb_FUWA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcxP5vu4DAG3OdvYZ8JyLrfFm-DB30q4zTIGBj_y0IH-EtlBuCf23PcG0Qt_CBF2BOGhTyeQ-pdRNj22InxbFk3bht2zNOie0E_gg_scGUmhopy8Vzz4ECJioWpF_OE-RR_x_sruNnQ_tQ-jRDO3jGvebYiOb8cPJoiX7yWmSOr8USaAE%26cry%3D1%26dbm_d%3DAKAmf-AExXsM6BMgLkmRlri7TW3UxwTeVryf_rP8o6m63iruEBPxTaopMOG3Q_EqX45L-Ftm4XvTr8-04RRd3uawV2Yn2GGo3FiMKNh2mW0FaNdUuM77VJ-xVJv48z25yyktSE4L1lHyqA3mYt7IzCUfSWZO6r6fn7HLVdnHgfw6_i4zr4SLfDJcOpSRr75fq36Er2u8mvBsih7TzJKmRNMSa0g2OkTEeInO_u0dGFb3qZq9e2NOg5cb1u2QFlsAYZBrwqt6J7NvvLayqIjgALukN4lSIwHxew6AoRDmgSvPk3pfBRGyWuBmxmiWxF8gXJjaIDnIpG5k10YwfWzZFOvX4dgQZXmDaMu1sxX3aD8B9SmlYmmkgrq0OmeGFlJoC81VRrHo0B7xREKHJJEoHEaliwvuoRdPQ6h8BqBvebJfPb0kfch3hlutREhb9zujS59Pt22yUCZVUnhjpkrIeN7dBFYTIdbB2hVzwKcgSKlpQtT07r9sWz-mTA7CwbXrQYZ8d4irg2IE0sE-cCNzWEu_0RQjiIDo9z26gnfW3oY8iO3nzgUAOfO6nGSi61mTMgLNmavavXTh38TLUTJsp2SeKo2ObbVTfi-zfh4oHFrkLjXqtZkuskz2VNP43sBds2e5KFX6QyvNZEyS8-KEFoHewx9BjX8VhQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6166249157152&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 273

https://adpushup-d.openx.net/w/1.0/pd HTTP 302
https://adpushup-d.openx.net/w/1.0/pd?cc=1

Request Chain 285

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2720646435057332847

Request Chain 286

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=1

Request Chain 288

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivB2keRmop0lCTX6AU32Zm4hejdgBUhyxg

Request Chain 291

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1

Request Chain 310

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 315

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=2720646435057332847

Request Chain 316

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=HazIpRZHvBbK9HjFRzOB_ytY

Request Chain 318

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696251418266 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=4572301769 HTTP 302
https://sync.1rx.io/usersync/turn/3702013787439226483?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-40190b19-2d57-4126-a46c-0f856862cf5e-003

Request Chain 319

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5124322328771523532

Request Chain 320

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=332&uid=d0b985f4-e737-40e7-bcfa-643e9d2e9bba

Request Chain 321

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 322

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A

Request Chain 323

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS01MzQzZDFjNi0zOTExLTM0ZTEtODY2NC04NjY4NDU2ZWU5OTkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01MzQzZDFjNi0zOTExLTM0ZTEtODY2NC04NjY4NDU2ZWU5OTkyAhIiOAE= HTTP 302
https://ssp.disqus.com/match?bidder=18&buyeruid=d0b985f4-e737-40e7-bcfa-643e9d2e9bba&r=Cid1YS01MzQzZDFjNi0zOTExLTM0ZTEtODY2NC04NjY4NDU2ZWU5OTkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01MzQzZDFjNi0zOTExLTM0ZTEtODY2NC04NjY4NDU2ZWU5OTkyAhIiOAE= HTTP 302
https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-5343d1c6-3911-34e1-8664-8668456ee999&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS01MzQzZDFjNi0zOTExLTM0ZTEtODY2NC04NjY4NDU2ZWU5OTkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS01MzQzZDFjNi0zOTExLTM0ZTEtODY2NC04NjY4NDU2ZWU5OTkyAhIiOAI=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 324

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A

Request Chain 326

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 327

https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D HTTP 302
https://ads.servenobid.com/sync?pid=328&uid=81aa72e9-4c82-4d66-8803-02ea83440de8

Request Chain 328

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CeNtcV2zbSYSsmp0Xe9xIQvuaSMStWkpW-Ox5W2C

Request Chain 329

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4283918517387110662

Request Chain 333

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAnoc0piD3luxRe2x5oGZD0&google_cver=1

Request Chain 344

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivB2lc-wWyCYX6XyAHv4AxE3eBFYSNl0fA

Request Chain 346

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LN8WAN9V-17-IY34&gdpr=0

Request Chain 347

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2720646435057332847

Request Chain 348

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=0

Request Chain 350

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=3550505922006436064

Request Chain 352

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0

Request Chain 353

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkQ5NEJDQTgtRDc0NS00MEUxLUFBMTAtMUM1NkI2ODNCRDdE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 354

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1

Request Chain 355

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A

Request Chain 357

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=onetag HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=2153984576906007906&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=48461918-1765-42ad-b960-8188df040c1b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 360

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKPJJgN8KVjDqMzYSReiN9Y&google_cver=1

Request Chain 363

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1003586707705907298&gdpr=0&gdpr_consent=

Request Chain 364

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=816790b429b1690&is_secure=true&networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIxEZk4PNIvwNeskjiAAAAAAA&expiration=1696337818&is_secure=true

Request Chain 365

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3702013787439226483

Request Chain 366

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 376

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1696251418266 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3817786757 HTTP 302
https://sync.1rx.io/usersync/turn/3702013787439226483?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-40190b19-2d57-4126-a46c-0f856862cf5e-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-40190b19-2d57-4126-a46c-0f856862cf5e-003

Request Chain 378

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=7534057371162961753 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/95e73092-f89e-5213-83e4-e4dbe6fe5ac1

Request Chain 381

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2720646435057332847

Request Chain 382

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB

Request Chain 383

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZRq_GgARhmJufgBV HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRq_GgARhmJufgBV&_test=ZRq_GgARhmJufgBV

Request Chain 384

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABvPE7KNXwAABgcc-dC6g&expiration=1697461018

Request Chain 385

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192 HTTP 302
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192&tc=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=h5O3PXMwQQK4M8UerUSH&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192&tc=1

Request Chain 390

https://www.awin1.com/cshow.php?s=2246404&v=11467&q=346430&r=414915&pref1=47064800085109904438260012465008&pv=1 HTTP 302
https://www.conrad.ch/ztpv.php?awc=11467_414915_1696251418_2bec7351-6123-11ee-8502-226591661de6&insert=AW&gdpr=&gdpr_consent=

Request Chain 393

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/788a348d745818cd6ee6c1a8a81f73f?gdpr_consent=&gdpr=0

Request Chain 395

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEIn-ExxEmxA-s9cSzxNEI4E&google_cver=1&google_push=AXcoOmTZQmRo2DVqmnuPep9QoD1xCGkux3cp7xgKAay63D5Vnd3Qwsk2GboYPxkDxuh41oOtK9N7-VQ7jrYg8fWIBk-l1qvDRw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=835308847191&us_privacy=1---

Request Chain 398

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDZslcev428QmCD0LGqzSrM&google_cver=1&google_push=AXcoOmT1focC0CKRrySXy2fauLyN3xgoNURWXhZBrYqv0llWBpZtwmE1_BhfU-9MV3XIQcSPXSmZyDr-WVlRruV7TM0fT87SdUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmT1focC0CKRrySXy2fauLyN3xgoNURWXhZBrYqv0llWBpZtwmE1_BhfU-9MV3XIQcSPXSmZyDr-WVlRruV7TM0fT87SdUw&google_hm=MzU1MDUwNTkyMjAwNjQzNjA2NA%3D%3D

Request Chain 400

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDP0VBrUyQLXBhWjDSNHG3E&google_cver=1&google_push=AXcoOmSumRxuJrJjxrQiEZ8r4IC8TUjaaetsH9mWPm6YaNQhC2R7xMDj8oV_n4OuLnLKf_ABLE7awUUjNXbze3q66qgrdoUGecR3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=48461918-1765-42ad-b960-8188df040c1b&%%GOOGLE_PUSH_PAIR%%

Request Chain 402

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=2720646435057332847

Request Chain 403

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_af30255e-36c3-432b-9698-c5193f1d0ce2&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=48461918-1765-42ad-b960-8188df040c1b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

Request Chain 405

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=70aa9360-d6b9-0e76-2328-14d4b282d0c1

Request Chain 406

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-80d2b3e6-9f2c-499c-4297-6891fac4acd4$cell

Request Chain 407

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-AiVY9.JE2peIJpVIgyvAv51ITikphCUJZcdh~A

Request Chain 408

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=d7ba4241-f78a-48bc-8562-90ef331d5e2e

Request Chain 410

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_af30255e-36c3-432b-9698-c5193f1d0ce2&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=5hWHoK1KowrQ0q6Ppc_2&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2NLIK5EG6SZRJNXXO4SRGBYTMUDQMNPTEJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---

Request Chain 418

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GAeVvscUb36wBHCtfSyOUgwdQqwlTEY2lFClIElBd2Y

Request Chain 419

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1

Request Chain 423

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2720646435057332847

Request Chain 424

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=1

Request Chain 433

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1199171049558358106&gdpr=0&gdpr_consent=

Request Chain 435

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smartyads/de7f831dc28d913eca0d82678fb04b4757b2f08068d86b19c6080568978db2b4

Request Chain 437

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=8087474952318471490&gdpr=0&gdpr_consent=

Request Chain 438

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZRq_GgAUwYSU4gBY

Request Chain 452

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=h5O3PXMwQQK4M8UerUSH&pi=gumgum

Request Chain 453

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 454

https://www.awin1.com/cshow.php?s=2246404&v=11467&q=346430&r=414915&pref1=47064800085109904438260012465008&pv=0 HTTP 302
https://ct.conrad.ch/content-chb2c/affiliate/scripts/aktionsbanner/cch_initialise_affiliate_banner.php?width=300&height=250&language=de HTTP 302
https://ct.conrad.ch/content-chb2c/affiliate/banner/new_classic/300x250de.gif

Request Chain 459

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1eced514-813e-0974-3ccb-1dce3ad15b62

Request Chain 461

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0

Request Chain 462

https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4275836739249394611088

Request Chain 463

https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192

Request Chain 464

https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=2D94BCA8-D745-40E1-AA10-1C56B683BD7D

Request Chain 465

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=c5775cce3847ef2009979a8161df3f7b

Request Chain 469

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2D94BCA8-D745-40E1-AA10-1C56B683BD7D

Request Chain 470

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
https://cs.yellowblue.io/cs?aid=11601&id=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=0

Request Chain 491

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LN8WAN9V-17-IY34 HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=LN8WAN9V-17-IY34

518 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html Show response
www.bg3.co/a/ 56 KB
16 KB 2476ms
1446ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 35bbb59a436625dbaa5abf1e5265d54648ef4dfd4bcb3905001c05666004e5cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 02 Oct 2023 12:56:49 GMT
etag: "dfda-DbUIkX4wxcVeye5wTqKRVk9jaws"
expires: Mon, 02 Oct 2023 12:57:49 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
71 KB 1186ms
275ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 12:56:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73010
x-xss-protection: 0
server: sffe
etag: "b44d49b4390daba4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Oct 2023 12:56:51 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 1118ms
207ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 12:56:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9649
x-xss-protection: 0
server: sffe
etag: "72b1ab72fa86fbb7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 02 Oct 2023 12:56:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 1153ms
389ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d24197ba44e24e8b16db057cd139feed5ea3f373e9287603439536a093ef5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29408
x-xss-protection: 0
server: cafe
etag: 6 / 19632 / m202309260101 / config-hash: 17269892211909561512
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:56:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 1067ms
303ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04283b3aa45f05e5c07f5d96011ce128c4b15b806c09dec8946e220f636e97f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91242
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Oct 2023 12:56:51 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 310ms
101ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3cd15be9c218c015bbdbb65476d3ec641d7623b6dd916f2dee9ee600a05ebc6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 10:08:39 GMT
server: cloudflare
age: 7588
etag: W/"651a96a7-a1c3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 80fd1b93fc172291-CDG
expires: Mon, 02 Oct 2023 22:50:22 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 852ms
552ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a151c47aed0e0494c8ebe14e82963add74309a77a241a8b9521a4519238f50ef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 02 Oct 2023 13:56:51 GMT
date: Mon, 02 Oct 2023 12:56:46 GMT
content-encoding: br
x-ap-device: DESKTOP
last-modified: Mon, 02 Oct 2023 07:00:20 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
x-client-device: desktop
x-client-geo: CH

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 681 KB
142 KB 409ms
116ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F2) /
Resource Hash: 779099a13b049a250852cbb70b3602f0985dfcafe25db403a9f7581559e20df6

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Mon, 02 Oct 2023 12:56:50 GMT
content-encoding: br
age: 184665
x-cache: HIT
x-client-device: desktop
content-length: 145467
x-ap-device: DESKTOP
last-modified: Thu, 28 Sep 2023 16:35:35 GMT
server: ECAcc (ama/48F2)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
accept-ranges: bytes
expires: Mon, 02 Oct 2023 13:56:50 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 563 KB
55 KB 307ms
119ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 925abab99fc79f7b3fa197b6368a6906bf8d1ca42322b4605cda1a29a8e320e4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Sikqh.sTVW_wXb7goDOS_pUa3zWnUDeM
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:50 GMT
x-amz-request-id: 4BVHSN3EDGSCENH2
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 14
x-amz-replication-status: FAILED
content-length: 55612
x-amz-id-2: tUGQty+4TegwtTjaqdQ6RnIzIVyGBwPLBly7NEWHBgdL0LK4NPYwcDy2WWPAZ53d2Xs5FdD+iCI=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 12:56:50 UTC
server: nginx
x-timer: S1696251411.577178,VS0,VE24
etag: "c4d78338ff9a78196798b243480a78c2538e5ff9"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 6
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

655ms
146ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10503
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpJCz6IebhYz3WwUg73mlUwqYdAvFQT8KEJUlpU%2BQee2kjHek3ul0eO6bJHLfRREnxhFcnSqXn135sAwxfsmxdIrncZR27aeZkLBj1zt%2BvFq0%2BYFrNb%2B9M7dFcq5piJ%2BXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 80fd1b9e9a3b026f-CDG

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 player.js Show response
cdn.unibotscdn.com/player/mvp/ 316 KB
117 KB 1090ms
222ms Script
application/javascript 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/player/mvp/player.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: b9ca88ff32a453c0d8a5bd64d52474826dd9225343b12bca882251daf5448682

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:51 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-664
cdn-cachedat: 09/30/2023 06:49:35
cdn-pullzone: 873945
last-modified: Sat, 30 Sep 2023 06:49:13 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 656
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6517c4e9-4eedb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 6ed6e688e67f5397bc10d49643eaa81b
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
567 B 395ms
382ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12918656&u1=86C9F80EBB654FBA435AD92395F15CD7&java=1&security=dd738f34&sc_snum=1&sess=95cc7e&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&t=%E3%80%8A%E5%8D%8A%E5%B0%8E%E9%AB%94%E3%80%8B%E5%B1%95%E6%9C%9B%E4%BD%B3%EF%BC%8B%E5%A4%96%E8%B3%87%E8%B4%8A%20%E5%90%8C%E6%AC%A3%E9%9B%BB%E9%A3%86%E7%A0%B4300%E5%85%83%E5%A4%A9%E5%83%B9%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2811&sc_rum_e_e=2817&sc_rum_f_s=0&sc_rum_f_e=2805&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 80fd1b94fd5b2291-CDG
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 impl.20231002-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 811 KB
168 KB 440ms
440ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231002-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e266a478a68472fff3721750281b3573c5f6f3deb44573842f00aeda7413d767

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: drAy8Eew5BrKFWfgC75E_OU_PXzE3OVx
content-encoding: br
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:51 GMT
x-amz-request-id: T47SDPWW4A88Z7RE
age: 13060
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 171872
x-amz-id-2: 7SG9ZdWF/rLlor/IbcHkZ+HuYpExoDxC958FWXcXus4opnAWqAbF5kOQwuPjkjk9Sv5eJxmunAc=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 09:19:12 GMT
server: AmazonS3-br
x-timer: S1696251411.039458,VS0,VE0
etag: "871b7e443a24941e2d572d14cb4c05d1"
vary: Accept-Encoding
content-type: application/javascript
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 9278

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
30 KB 667ms
114ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:51 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1449208
x-cache: HIT, HIT
content-length: 29880
x-served-by: cache-lga21979-LGA, cache-ams21023-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696251412.799831,VS0,VE0
etag: W/"28feccc0-14e98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 9, 17463

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 606ms
120ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:51 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1013311
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-ams21023-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696251412.799947,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 543659

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 596ms
96ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231002-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 228268
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 44 KB
10 KB 525ms
519ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=14%3A56%3A51.448&lti=deflated&data=%7B%22id%22%3A326%2C%22ii%22%3A%22%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696240873393%2C%22vi%22%3A1696251411444%2C%22cv%22%3A%2220231002-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html%22%2C%22vpi%22%3A%22%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2848%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2274.28125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231002-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 61fc19f8ee4f3eb56094d05fb76135a3a2082cae2cc969b2cd3d0877627a922c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 376
date: Mon, 02 Oct 2023 12:56:51 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.9077083333333333
x-fastly-to-nlb-rtt: 64198
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21068-AMS
x-log-content-encoding: gzip
server: nginx
x-timer: S1696251412.529107,VS0,VE376
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 405ms
98ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A51.438&type=info&msg=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&llvl=2&id=3437&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41644

GET
H2 204 debug
trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 406ms
99ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A51.439&type=info&msg=%7B%22mode%22%3A%22alternating-thumbnails-a%22%2C%22container%22%3A%22taboola-below-article-feed%22%2C%22placement%22%3A%22Below%20Article%20Feed%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=7330&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41644

GET
H2 204 debug
trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 403ms
99ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A51.446&type=info&msg=Below%20Article%20Feed%20alternating-thumbnails-a&llvl=2&id=8468&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 41644

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 692ms
157ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je39r0&_p=1568887740&cid=1566437459.1696251412&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696251411&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&dt=%E3%80%8A%E5%8D%8A%E5%B0%8E%E9%AB%94%E3%80%8B%E5%B1%95%E6%9C%9B%E4%BD%B3%EF%BC%8B%E5%A4%96%E8%B3%87%E8%B4%8A%20%E5%90%8C%E6%AC%A3%E9%9B%BB%E9%A3%86%E7%A0%B4300%E5%85%83%E5%A4%A9%E5%83%B9%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 410 KB
130 KB 104ms
103ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4972893832cc7f114925446001ef0c43c031cbc7d2b2a8bed395c116c911402d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:48:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 508
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132541
x-xss-protection: 0
server: cafe
etag: 15229329507080665565
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 01 Oct 2024 12:48:23 GMT

GET 51acd2d77866f472d63e69f3f370eeb1.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012309151607000/v0/ 8 KB
4 KB 620ms
121ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 26 Sep 2023 19:31:02 GMT
age: 494750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2976
x-xss-protection: 0
server: sffe
etag: "07fb3dc7eac63481"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Sep 2024 19:31:02 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
809 B 124ms
124ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1696251411910
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F4) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 01 Oct 2024 12:56:51 GMT
date: Mon, 02 Oct 2023 12:56:51 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (ama/48F4)
age: 3981087
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: CH

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 136ms
136ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CC) /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Mon, 02 Oct 2023 12:56:52 GMT
content-encoding: br
age: 1545949
x-cache: HIT
x-client-device: desktop
content-length: 122286
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: ECAcc (ama/48CC)
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 12:56:52 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
309 B 102ms
102ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CB) /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Mon, 02 Oct 2023 12:56:52 GMT
content-encoding: br
age: 4514234
x-cache: HIT
x-client-device: desktop
content-length: 211
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: ECAcc (ama/48CB)
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 12:56:52 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 114ms
113ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48AA) /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Mon, 02 Oct 2023 12:56:52 GMT
content-encoding: br
age: 1545949
x-cache: HIT
x-client-device: desktop
content-length: 18371
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: ECAcc (ama/48AA)
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 12:56:52 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 402ms
161ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTYyNTE0MTIwNTcsInBhY2tldElkIjoiMDAwMEE3MDEtYTc1NDExMGItYWU5Mi00MTY1LTgyMzgtN2I0MzhmZGZlYTI4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhbi1kYW8tdGktemhhbi13YW5nLWppYS13YWktemktemFuLXRvbmcteGluLWRpYW4tYmlhby1wby0zMDB5dWFuLXRpYW4tamllLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=4224.5
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
365 B 401ms
160ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 floating-unit.20231002-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 106ms
105ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20231002-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b2d5772335441979f31aca41500d413cce4ab0f4c310f142f25f0d3632e7bc1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: G5l3MGarJgguHG3FmeAoFTKVUeIcSg6d
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:52 GMT
x-amz-request-id: BWANR1WJHBZXG7AW
age: 7701
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: rZDeEMJA8iu53mwM10WfhPy+jXtzm/bEm1azafR053vn+wkfaTYolUMLs/fVtmpAXT4mXPzV7W0=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 10:48:31 GMT
server: AmazonS3
x-timer: S1696251412.244997,VS0,VE0
etag: "b9551b0b9f3ec0b27aa86cb7b121248c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 513

GET
H2 200 taboola-vignette-new-scanning.20231002-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 176ms
175ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231002-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c2051fab338d2fc6c42c4e9e0d2efd44516c49c4a79a3d370a3058d12cd51be

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ux47IAub6VQUe1JkKml82Zgxx6qf4QMF
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:52 GMT
x-amz-request-id: C7646BA4JRM0VHK7
age: 7682
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8018
x-amz-id-2: qTI/VfUfNf7Ru7TUe4CDwWLMp9NnkDtoEdNwUxdzWANvDdUGpmTb8SCA9inL4c0tP76nRVfduf0=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 10:48:50 GMT
server: AmazonS3
x-timer: S1696251412.300844,VS0,VE0
etag: "343837a369554fe4c1189f301b4d1df0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 91
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 275

GET
H2 200 distance-from-article.20231002-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 151ms
151ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20231002-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00eeb382209d2ba4319aba98a1def1220acd49b1b1b8bbdba41d562d2c096ee4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jGn2vHmSugDCa6q_3HpZs0ew0LPyDQtZ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:52 GMT
x-amz-request-id: 3ZMKGSDSTEKBK824
age: 7712
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1131
x-amz-id-2: u+bbqvnxcAMvqwGASM/Kbk4jS/wtQ5qgZ9O7q1WHAaFMl3T6HzGBcVU9Yg9yb/HZd3nKuF7pJDk=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 10:48:21 GMT
server: AmazonS3
x-timer: S1696251412.300826,VS0,VE0
etag: "d818a6efd8ea41faa06b29e076f6d895"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 5098

GET
H2 200 article-detection.20231002-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 151ms
150ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20231002-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: baafce427af0474bd5637572d99830f733903c0a441f9e3108ad47f818a6000c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1ib3Wacp3fXcSJQPw4oOen9KsetFHrPZ
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:52 GMT
x-amz-request-id: TCJPD5ZT695RAR2B
age: 7718
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: CXIEjxCm1BsT9xsaSILOVwLb1oz+lFAdDlUQNKGUahOjUUxAG5af1b4eFtPRyY3HjR5KuTYk3HI=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 10:48:14 GMT
server: AmazonS3
x-timer: S1696251412.300791,VS0,VE0
etag: "99f5abaacbca17a9cc748f786daebb52"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 99
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 5102

GET
H2 200 article-and-feed-area-scanner.20231002-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 150ms
150ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231002-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2478bb6f14f23235c72da1e5c8dadced393190c56c3a2fbcc5c75c35c8692a9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DZScVINy.g6xvvEoZeVwcnptZrdK2SOF
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:52 GMT
x-amz-request-id: JXZ7MGQS3AK7KFF0
age: 7720
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1147
x-amz-id-2: 3Yr7+9a3GXvcvsaMjKcJWUFp0SBkE78pd8lQ3GqKnQBrcNIOWfrNQwt03zpochEAz0kaPtKF/Sw=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 10:48:12 GMT
server: AmazonS3
x-timer: S1696251412.300777,VS0,VE0
etag: "ccb9fe6d986ff7c68e02de9c8f5ced84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 37
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1570

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/1.4.0/ 80 KB
24 KB 307ms
118ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/1.4.0/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231002-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e2297899242fa4c800ff7320c93d3cd0bbb89770cf0a1d5614b0f183c94dc70

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 6750d77433312fa1bf305e9ae7af80ae.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: AMS1-P1
age: 2462182
x-cache: Hit from cloudfront, HIT
content-length: 23966
x-served-by: cache-ams21022-AMS
last-modified: Tue, 31 Mar 2020 13:14:35 GMT
server: AmazonS3
x-timer: S1696251412.467995,VS0,VE0
etag: "9284c0ece401137f8f576e2e3ba9e6c1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9MmP9h_QY6PcwsqfQWmWsHOMuimnyUhzMHB3bjIXU5sSTACvMXmHkQ==
x-cache-hits: 375

GET
H2 200 feed-card-placeholder.20231002-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 144ms
144ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20231002-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a50e03e147ea50f5ba2ccc5998f632b4d4634ea39d5574077e9181678fa691b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3PAUzuy0eb2uX1yhAzBEgr0yKxyzbBh0
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:52 GMT
x-amz-request-id: 7T89Z8RMPJ3KZBS3
age: 7706
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: QcDZb2gm/69HVWTs/2HjtQRrKYjMKUE5+Za9wet/KHAK6Ab3zMUS0UPXcucbScmBHO0nTHA69uo=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 10:48:26 GMT
server: AmazonS3
x-timer: S1696251412.300753,VS0,VE0
etag: "15cc86c69818fc189834370c97188b40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 4
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 4015

GET
H2 200 userx.20231002-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 131ms
131ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231002-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d447507c4f067e15bcb62b7441f9240f600440baeb83afe870dbbeefc9fe742

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wx0olLiliVr.XDAz1cOYlkrokD._LwVv
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:52 GMT
x-amz-request-id: FHGAZJJH9BZX379N
age: 7679
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: lMBbUX6pOxzLDvO292Rbjt+FW/eWbaA3+cwYWDMYuh7YuWBx6CXpJ5+2TgHb9IY5cl2ABo0be8Q=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 10:48:53 GMT
server: AmazonS3
x-timer: S1696251412.300738,VS0,VE0
etag: "da618094c28891ef1a21af349422c992"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1231

GET
H2 200 explore-more.20231002-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 116ms
116ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20231002-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3876c915c728f4cd9db8a1e7d6372abacefa35981b786761f281856041cb81f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: O2Z0AcYA3Dj4VZyo066kkBK7JGL.Tbrm
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:52 GMT
x-amz-request-id: JJFNFV284N77GVDP
age: 7708
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7706
x-amz-id-2: NY7MmCEzrbdVXL055pHx1clA+ZpAzbbFbRCFgPMQdkDEtwoRBFYeZ4Y4xZCBZrFKdxeoUjnsPQw=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 10:48:24 GMT
server: AmazonS3
x-timer: S1696251412.327564,VS0,VE0
etag: "0e8b8672175c8f6ad2e67f58d5a6396c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 89
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1738

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 488ms
126ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ri=0326f46ef0365bbd682318086d1d2f8c&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&pi=/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&wi=7562072610410237323&pt=text&vi=1696251411444&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=14%3A56%3A52.189&id=1875&llvl=2&cv=20231002-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 487ms
126ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ri=0326f46ef0365bbd682318086d1d2f8c&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&pi=/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&wi=7562072610410237323&pt=text&vi=1696251411444&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1696251412191%7D&tim=14%3A56%3A52.191&id=5720&llvl=2&cv=20231002-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 485ms
125ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.200&type=info&msg=Start%20Rendering%20taboola-vignette&llvl=2&id=257&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 485ms
127ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ri=0326f46ef0365bbd682318086d1d2f8c&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&pi=/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&wi=7562072610410237323&pt=text&vi=1696251411444&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696251412204%7D&tim=14%3A56%3A52.204&id=5217&llvl=2&cv=20231002-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 482ms
124ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.210&type=info&msg=Finish%20Rendering%20taboola-vignette&llvl=2&id=6129&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 483ms
125ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.224&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Feed%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=7485&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2

200

B29068018.355025866;dc_pre=CLSmk_e014EDFTaf_Qcd_isKXw;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CLSmk_e014EDFTaf_Qcd_isKXw;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co

42 B
209 B

334ms
323ms

Image
image/gif

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CLSmk_e014EDFTaf_Qcd_isKXw;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=CLSmk_e014EDFTaf_Qcd_isKXw;dc_trk_aid=545989045;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 132ms
124ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.227&type=info&msg=Start%20Rendering%20Below%20Article%20Feed%20%7C%20Card%201&llvl=2&id=1791&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 133ms
125ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.234&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%201&llvl=2&id=4940&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 133ms
126ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.239&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Feed%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=156&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2

200

B29068018.355025866;dc_pre=COiok_e014EDFcvLEQgd5-oFHg;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=COiok_e014EDFcvLEQgd5-oFHg;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co

42 B
220 B

331ms
320ms

Image
image/gif

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=COiok_e014EDFcvLEQgd5-oFHg;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N107001.3911388TABOOLACH/B29068018.355025866;dc_pre=COiok_e014EDFcvLEQgd5-oFHg;dc_trk_aid=565248756;dc_trk_cid=183186606;ord=;dc_ref=bg3.co
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 134ms
126ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.242&type=info&msg=Start%20Rendering%20Below%20Article%20Feed%20%7C%20Card%202&llvl=2&id=6519&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 135ms
127ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.246&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%202&llvl=2&id=8835&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 135ms
128ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.252&type=info&msg=Start%20Rendering%20Below%20Article%20Feed%20%7C%20Card%203&llvl=2&id=2334&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 136ms
128ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.255&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%203&llvl=2&id=8054&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 136ms
129ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.257&type=info&msg=Start%20Rendering%20Below%20Article%20Feed%20%7C%20Card%204&llvl=2&id=3258&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 227ms
219ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.260&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%204&llvl=2&id=8597&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 235ms
228ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ri=0326f46ef0365bbd682318086d1d2f8c&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&pi=/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&wi=7562072610410237323&pt=text&vi=1696251411444&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A56%3A52.261&id=6550&llvl=2&cv=20231002-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 227ms
220ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.263&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10671637%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=2085&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 228ms
220ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.266&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=2471&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 228ms
221ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.269&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6915&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 233ms
226ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.270&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10671637%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=5675&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 234ms
227ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.271&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=2402&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 234ms
227ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.277&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=4127&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 235ms
228ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.280&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=7465&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 236ms
229ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.282&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=573&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 236ms
229ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.286&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=5795&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 243ms
236ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.289&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=1830&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 244ms
237ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.292&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9456&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 108ms
107ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:52 GMT
x-amz-request-id: TZRV815EMAFY1JBF
age: 96
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: v5SDmim5AHD1xUYx+tpwQ3ehER8nJJjDtZKSR7zLZUfaHgPhMWhJVk4BNKiXJLg3LG/QSQSHEMY=
x-served-by: cache-ams21068-AMS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1696251412.375366,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 51
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 41

GET
H/1.1 200
OK playerConfig Show response
socket.unibots.in/website/ 4 KB
4 KB 1118ms
553ms XHR
application/json 172.104.206.52
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.206.52 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-206-52.ip.linodeusercontent.com
Software: / Express
Resource Hash: 16c1a8284ac22bac6889f84dcbc193f8ffd78f080d9e4378406b3a67b6b555b3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 Oct 2023 12:56:53 GMT
keep-alive: timeout=5
x-powered-by: Express
content-length: 3609
etag: W/"e19-vwRj2d0Nu4XpH6939n9fbHUAS6s"
content-type: application/json; charset=utf-8

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 244ms
237ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.390&type=info&msg=Finish%20Rendering%20taboola-vignette&llvl=2&id=6348&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 246ms
239ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.391&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%201&llvl=2&id=8049&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 247ms
240ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.395&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%202&llvl=2&id=7626&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 248ms
242ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.399&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%203&llvl=2&id=3994&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 250ms
244ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.401&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%204&llvl=2&id=3791&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 254ms
247ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.408&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=22&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 254ms
248ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.413&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=2394&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 87118

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 109 KB
110 KB 123ms
121ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 012f72ca7f09a7bdf7b311fa87bb2614c4cb8ae159ba5c2d9f717250481561ff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 2241944
edge-cache-tag: 461980016182532422853203095584589787985,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 521
expiration: expiry-date="Tue, 26 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://inacional.pt/
content-length: 111390
x-backend-name: CH_nlb804
x-served-by: cache-iad-kcgs7200065-IAD, cache-iad-kiad7000168-IAD, cache-iad-kiad7000032-IAD, cache-ams21068-AMS
last-modified: Sat, 26 Aug 2023 06:37:11 GMT
server: nginx
x-timer: S1696251413.522454,VS0,VE2
etag: "208b5e98b1735467f15b4f9869c3cbb9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2, 1

GET
H2 200 uskp0l3naoa3rzejqkib.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695644101/ 22 KB
22 KB 140ms
140ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695644101/uskp0l3naoa3rzejqkib.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f93c7d91b256cdae350ba4f2beb17ab414c70262f1a93254affb7a9e52d8b3e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695644101/uskp0l3naoa3rzejqkib.jpg
age: 137557
edge-cache-tag: 378695557520618837294857908002853183595,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 378695557520618837294857908002853183595,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 251
req-referer: https://www.gazzetta.it/
content-length: 22286
x-request-id: e3f5da5bc9418f220526a37e26cb41e1
x-backend-name: CH_nlb803
x-served-by: cache-iad-kjyo7100073-IAD, cache-iad-kiad7000120-IAD, cache-iad-kiad7000075-IAD, cache-ams21068-AMS
last-modified: Mon, 25 Sep 2023 12:15:51 GMT
server: nginx
surrogate-reporting: width=800,height=400,bytes=26194,owidth=800,oheight=450,obytes=27926
x-timer: S1696251413.612525,VS0,VE1
etag: "aaf816755723584d7b60cfecabaaa9da"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1

GET
H2 200 awblc3geu323atcgyeyy.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695643537/ 16 KB
16 KB 112ms
111ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695643537/awblc3geu323atcgyeyy.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b1a4e37c10bba92af4eb38b95a1131d0f6459012e84f2fe1298879ddb876c66f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1695643537/awblc3geu323atcgyeyy.jpg
age: 607823
edge-cache-tag: 438435599239062881343739031521868447157,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 438435599239062881343739031521868447157,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 163
req-referer: https://madame.lefigaro.fr/
content-length: 16018
x-request-id: efd50b1faf03f6b5814c4c726f518c01
x-backend-name: CH_nlb801
x-served-by: cache-iad-kiad7000099-IAD, cache-iad-kjyo7100064-IAD, cache-iad-kjyo7100029-IAD, cache-ams21068-AMS
last-modified: Mon, 25 Sep 2023 12:06:31 GMT
server: nginx
surrogate-reporting: width=800,height=444,bytes=36476,owidth=800,oheight=450,obytes=35722
x-timer: S1696251413.685077,VS0,VE0
etag: "f3128056c4fbbe0012ae999bb47fed05"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 5, 2

GET
H2 200 9a4ecf5109be16031d28e9a01fadb46f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 125ms
118ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a4ecf5109be16031d28e9a01fadb46f.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d1d1a5dc11510d2cb674bb2747610da9ab7e6340fcab24b01b9bf374b96680d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a4ecf5109be16031d28e9a01fadb46f.jpg
age: 4239163
edge-cache-tag: 628202487412726569341509448001726198285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628202487412726569341509448001726198285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 453
req-referer: https://www.trucs-et-astuces.co/
content-length: 8558
x-request-id: fc5be4b645498f0a9ccbeb01982141e7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kcgs7200104-IAD, cache-lga21939-LGA, cache-iad-kjyo7100035-IAD, cache-ams21068-AMS
last-modified: Tue, 18 Jul 2023 15:00:00 GMT
server: nginx
x-timer: S1696251413.758686,VS0,VE1
etag: "bd60a03c1d9e17816f7b357df113c3d6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1633, 1

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 76 KB
77 KB 122ms
121ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6378d47bbd6a1f775f532cb753cef86ae7c5dda82d0592ac896a73936dc9ccc3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 1637992
edge-cache-tag: 461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 391
req-referer: https://www.sciencealert.com/
content-length: 77796
x-request-id: 46cfbee3afc200499b4c7c1a1af0576b
x-backend-name: LA_nlb201
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kcgs7200159-IAD, cache-lax10659-LGB, cache-iad-kjyo7100056-IAD, cache-ams21068-AMS
last-modified: Sun, 10 Sep 2023 20:59:51 GMT
server: nginx
surrogate-reporting: width=1344,height=672,bytes=180925,owidth=1344,oheight=896,obytes=2183212
x-timer: S1696251413.803051,VS0,VE2
etag: "71e7328a598628fe3e7dc8b93d19f889"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 26, 1, 8, 1

GET
H2 200 59424d11b67a146f36ab9dc351cbb9a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 25 KB
25 KB 160ms
159ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59424d11b67a146f36ab9dc351cbb9a9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2354f741a326d70b34d378a8a5e0fef00124d74ac84034264ef39eb8b25a6899

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59424d11b67a146f36ab9dc351cbb9a9.jpg
age: 2840340
edge-cache-tag: 319346970086859471899891715690691255847,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 319346970086859471899891715690691255847,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 421
req-referer: https://www.hoerzu.de/
content-length: 25384
x-request-id: 8e2add1b6a4b132ad683214abacc3a85
x-backend-name: LA_nlb202
x-served-by: cache-iad-kiad7000050-IAD, cache-iad-kcgs7200109-IAD, cache-sna10735-LGB, cache-iad-kiad7000144-IAD, cache-ams21068-AMS
last-modified: Wed, 30 Aug 2023 08:14:37 GMT
server: nginx
x-timer: S1696251413.842531,VS0,VE1
etag: "832c608b7c272bb0fb590a0495622395"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 610, 1

GET
H2 200 850852672__UWNBpYXa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 14 KB
14 KB 160ms
159ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/850852672__UWNBpYXa.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eaf9a8645a06b7c22651eb527b7aebad6fede122f1377cbb9ded6f0a7f4b14cf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/850852672__UWNBpYXa.jpg
age: 4084204
edge-cache-tag: 591914264284059233678941323578953611142,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 591914264284059233678941323578953611142,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 73
expiration: expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://programmetv.ouest-france.fr/
content-length: 13968
x-backend-name: LA_nlb204
x-served-by: cache-iad-kiad7000112-IAD, cache-iad-kcgs7200057-IAD, cache-sna10749-LGB, cache-iad-kcgs7200111-IAD, cache-ams21068-AMS
last-modified: Tue, 01 Aug 2023 08:23:40 GMT
server: nginx
x-timer: S1696251413.842508,VS0,VE1
etag: "0d647dcf5acc2d51e31ca06561d895c9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 12, 1, 7, 1

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 87 KB
88 KB 172ms
171ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fbbf4f8ecfd45e554e169f6ef4d672b2fd3bbc3a1a79728607a31f7395eba72

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 4035432
edge-cache-tag: 461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 311
req-referer: https://doctortian.com/
content-length: 89246
x-request-id: 3eff1eeb57ddf77dc0841e1e3cefad5c
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200145-IAD, cache-iad-kjyo7100071-IAD, cache-lax10664-LGB, cache-iad-kjyo7100170-IAD, cache-ams21068-AMS
last-modified: Thu, 10 Aug 2023 14:24:09 GMT
server: nginx
x-timer: S1696251413.842524,VS0,VE3
etag: "ecebe3f0b20bc86f86907281770c8cb6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 7, 1, 11, 1

GET
H2 200 9a4ecf5109be16031d28e9a01fadb46f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 170ms
170ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a4ecf5109be16031d28e9a01fadb46f.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c6a50b9cbac5c91708b0dcf9cae3c3165d2569040cec6d4cb6a111be6929bf0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a4ecf5109be16031d28e9a01fadb46f.jpg
age: 3562007
edge-cache-tag: 628202487412726569341509448001726198285,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628202487412726569341509448001726198285,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 333
expiration: expiry-date="Thu, 14 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://html.rincondelvago.com/
content-length: 18892
x-backend-name: LA_nlb201
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kiad7000116-IAD, cache-sna10724-LGB, cache-iad-kjyo7100029-IAD, cache-ams21068-AMS
last-modified: Mon, 14 Aug 2023 17:32:39 GMT
server: nginx
x-timer: S1696251413.842471,VS0,VE1
etag: "d32c7f0a00691d25e92fe62e483686f3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 27, 1, 48, 1

GET
H2 200 59424d11b67a146f36ab9dc351cbb9a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 95 KB
95 KB 325ms
324ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59424d11b67a146f36ab9dc351cbb9a9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2585069ee847eff642facde480a4c355a40a7d0bdc7c8ee878d79545bfe64713

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 02 Oct 2023 12:56:52 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59424d11b67a146f36ab9dc351cbb9a9.jpg
age: 2868136
edge-cache-tag: 319346970086859471899891715690691255847,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 319346970086859471899891715690691255847,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 249
req-referer: https://www.derwesten.de/
content-length: 96922
x-request-id: 5f37996c9b4da5b241aeb871fdb2fdaf
x-backend-name: US_nlb102
x-served-by: cache-iad-kcgs7200124-IAD, cache-iad-kcgs7200025-IAD, cache-lga21980-LGA, cache-iad-kiad7000029-IAD, cache-ams21068-AMS
last-modified: Wed, 30 Aug 2023 08:14:37 GMT
server: nginx
x-timer: S1696251413.919306,VS0,VE1
etag: "ddeb4c2791f0bd61f947b80868622a67"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 409, 1

GET
H2 200 850852672__UWNBpYXa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 28 KB
29 KB 310ms
307ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/850852672__UWNBpYXa.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: af8cadf5b01f5e9ef649fec024dd3ad96a8a4fcafcc481fc2fdf063dca683852

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 02 Oct 2023 12:56:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/850852672__UWNBpYXa.jpg
age: 2213555
edge-cache-tag: 591914264284059233678941323578953611142,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 591914264284059233678941323578953611142,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 162
req-referer: https://www.t-online.de/
content-length: 29042
x-request-id: 8b4d14ddf0593541ceb058dade6e7024
x-backend-name: US_nlb102
x-served-by: cache-iad-kcgs7200057-IAD, cache-iad-kiad7000102-IAD, cache-iad-kcgs7200070-IAD, cache-ams21068-AMS
last-modified: Wed, 30 Aug 2023 22:23:46 GMT
server: nginx
x-timer: S1696251413.174958,VS0,VE1
etag: "0d647dcf5acc2d51e31ca06561d895c9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5, 1

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 125ms
125ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYyNTE0MTI0NDAsInBhY2tldElkIjoiMDAwMEE3MDEtYTc1NDExMGItYWU5Mi00MTY1LTgyMzgtN2I0MzhmZGZlYTI4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhbi1kYW8tdGktemhhbi13YW5nLWppYS13YWktemktemFuLXRvbmcteGluLWRpYW4tYmlhby1wby0zMDB5dWFuLXRpYW4tamllLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4606.799999237061
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 113ms
113ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYyNTE0MTI0NTIsInBhY2tldElkIjoiMDAwMEE3MDEtYTc1NDExMGItYWU5Mi00MTY1LTgyMzgtN2I0MzhmZGZlYTI4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhbi1kYW8tdGktemhhbi13YW5nLWppYS13YWktemktemFuLXRvbmcteGluLWRpYW4tYmlhby1wby0zMDB5dWFuLXRpYW4tamllLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4618.599998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 186ms
186ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTYyNTE0MTI0NTYsInBhY2tldElkIjoiMDAwMEE3MDEtYTc1NDExMGItYWU5Mi00MTY1LTgyMzgtN2I0MzhmZGZlYTI4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhbi1kYW8tdGktemhhbi13YW5nLWppYS13YWktemktemFuLXRvbmcteGluLWRpYW4tYmlhby1wby0zMDB5dWFuLXRpYW4tamllLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4622.099998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 167 KB
50 KB 709ms
708ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=179827057835394&correlator=2683007780037713&eid=31078015%2C31068367&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1696251412487&lmt=1696244212&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1566437459.1696251412&ga_sid=1696251412&ga_hid=1568887740&ga_fc=true&dlt=1696251410315&idt=1492&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_5_0_pv%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a274b538492eafea01d32db453e2fc5aa8fdb76edc5db589dd420cb0a4b21f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50633
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB54 6 KB
3 KB 953ms
155ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:56:53 GMT
expires: Tue, 01 Oct 2024 12:56:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/ 37 KB
13 KB 177ms
177ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab8007c277130826b8a87e5b30bd689ee55a199d430c36e2032c9611a538dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 508
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13202
x-xss-protection: 0
server: cafe
etag: 9134410016569746439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 01 Oct 2024 12:48:24 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 188ms
188ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTYyNTE0MTI0NDAsInBhY2tldElkIjoiMDAwMEE3MDEtYTc1NDExMGItYWU5Mi00MTY1LTgyMzgtN2I0MzhmZGZlYTI4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2Jhbi1kYW8tdGktemhhbi13YW5nLWppYS13YWktemktemFuLXRvbmcteGluLWRpYW4tYmlhby1wby0zMDB5dWFuLXRpYW4tamllLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=4685.200000762939
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
614 B 110ms
109ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5781
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khQyTok2Z0LQENHQtO1gVWyUa0Ix1fwVnH0AQQjq4%2BHxnXSP9ueiFMOH1Y9ztLiYyVMkOs5umaAeNr8XdjNmFhpbnNL2ewkXlrN5YnQYlXqoIOwth7q6cLYXx9knbTzCTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 80fd1ba11de2026f-CDG

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 1122ms
293ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 61acbd4cbfd43b12f4600155110d6cef11996ed412e4d785580286cd78d4246f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:53 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 750ms
89ms XHR
application/json 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231002

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7f8f0e6487904fc554d741c1711821911ea29ea9b75b6742d31b77bd5e536c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32159
x-jsd-version: 1.0.1830
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"637-jHTfxA5WF5KhCVIkhGcQK8uV73I"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6o7D%2FGioTsth1wsWQ9TmrCL%2FpFJJjW26zxN8iFzcTuLidveiBfNa8%2BzYnL%2F5qjwfe56wyaPI9fVOeI%2B8LGxj8jJmN5f%2BANP0ZUI6mrc3getgvUQVk4xloDbv7O0JS6CWk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80fd1ba5890624c4-ZRH

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
273 B 600ms
110ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 02 Oct 2023 12:56:52 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 19 KB
10 KB 837ms
241ms XHR
application/json 18.194.200.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.200.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cbabcc5b1b76087bbf595369fcef9b4ceb5685f8321ea0fc9d7a0a44208721d3

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 02 Oct 2023 12:56:53 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 9790

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
313 B 702ms
226ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4472f9d7017f3d1948cd50b5472acda3b8e9cb15d66aefd1f27c287c6b9671b4

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5aRTGE6%2BWJiLmK%2FZVZKEbwelOpkKViUehBxoMZFXAxyQ%2Bbkw8jykvZ5iIokoUVHVA4BmjXFOVqRgzsulkarMInVB04egfB7wgBL78A%2Bhh1LUM%2FIQklqrAgoaG9GqoKSZfw3Zj6q"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80fd1ba4ff873c95-CDG
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
547 B 633ms
160ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4472f9d7017f3d1948cd50b5472acda3b8e9cb15d66aefd1f27c287c6b9671b4

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUMVTb%2FTP2JShu1YegQMws%2B9%2BMPWXUhw2%2BrQjGA97RSieLoV6RpUO03k29tpyQGNK4MzBaqn4pF%2FhOx6sTjfAwC4PUyL9dtG2CnKRApoxx%2BjnjLjjQHiSb2ocM08wtoN5OBtSLT%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80fd1ba4ff893c95-CDG
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
702 B 606ms
137ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-3-65-53-73.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

ab58fae59646ed86213f66722f4759b3e1c8e262a9d6ace39ece2720d1ba1c7d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
an-x-request-uuid: 10d66d9b-fc64-40e8-ada5-1ed5c552326a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.230.146.141; 194.230.146.141; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
306 B 657ms
195ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 80fd1ba54a302a7c-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
636 B 617ms
98ms XHR
application/json 3.65.53.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&tmax=2500

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.65.53.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
accept-ch: sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height
x-auction-status: 29, 29, 29, 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
153 B 811ms
360ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 25e42f49eaa16d00e80d07d181783a19460d6f5de528655e4dbd686107c506d5

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
145 B 561ms
111ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 02 Oct 2023 12:56:53 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
188 B 996ms
410ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=56955243070&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 02 Oct 2023 12:56:53 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
498 B 548ms
103ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
778 B 1918ms
1457ms XHR
application/json 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9460
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
493 B 943ms
440ms XHR
application/json 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 02 Oct 2023 12:56:53 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
467 B 703ms
114ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: badf8f0bb871ca9eec0ca6ff30520db0139f23595436cd70c4266f89b590792c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.130.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 172
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 15 KB
7 KB 976ms
229ms XHR
application/json 213.19.162.31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=988a1d01-70e3-4162-b9a9-6f229e4054f4%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E3%80%8A%E5%8D%8A%E5%B0%8E%E9%AB%94%E3%80%8B%E5%B1%95%E6%9C%9B%E4%BD%B3%EF%BC%8B%E5%A4%96%E8%B3%87%E8%B4%8A%E5%90%8C%E6%AC%A3%E9%9B%BB%E9%A3%86%E7%A0%B4300%E5%85%83%E5%A4%A9%E5%83%B9&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=a2db1123-9dc7-4b47-a658-c3ec35076ec1&l_pb_bid_id=43c03b7a8722eea&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a2db1123-9dc7-4b47-a658-c3ec35076ec1&rp_maxbids=1&slots=1&rand=0.02982762933316252
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9f36d3f1a96a234d65e9392df29e6f5bd745f1cf997c2275446c079c32fbff62

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
454 B 597ms
101ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 9
content-length: 3
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 643ms
175ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2a1c7a8d36121bdebd0d1aeda1eca201bccb1d2745c8cb66da63e7b151a98eea

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Oct 2023 12:56:53 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 668ms
95ms Script
application/javascript 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 09 Oct 2023 12:56:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 706ms
147ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231002-5-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 10:59:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Oct 2023 12:56:53 GMT

GET
H2 200 spa-detector.20231002-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 362ms
351ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20231002-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2503a07678a468a102102708555683e021d6fe1507a8f3e85b2950cf696b8bd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: yWP8Lf5WbjfCNI5iRRbxfhzBH2sfrlqT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:52 GMT
x-amz-request-id: 60JK885A6H5130SF
age: 7691
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 778
x-amz-id-2: AfHihL6A6A2Jjtxque+PuypME+1G6Msf/FO/iirj80jRpu5n7TDObE2yjjkBAJA8f80NJ1HJNq0=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 10:48:42 GMT
server: AmazonS3
x-timer: S1696251413.951019,VS0,VE0
etag: "cd1eccdc05ed26dafdfffc547c1f8b36"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 42
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1854

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 370ms
359ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ri=0326f46ef0365bbd682318086d1d2f8c&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&pi=/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&wi=7562072610410237323&pt=text&vi=1696251411444&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A56%3A52.832&id=9949&llvl=2&cv=20231002-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 367ms
360ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ri=0326f46ef0365bbd682318086d1d2f8c&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&pi=/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&wi=7562072610410237323&pt=text&vi=1696251411444&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1696251412833%7D&tim=14%3A56%3A52.833&id=4036&llvl=2&cv=20231002-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 368ms
361ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ri=0326f46ef0365bbd682318086d1d2f8c&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&pi=/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&wi=7562072610410237323&pt=text&vi=1696251411444&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A56%3A52.840&id=8664&llvl=2&cv=20231002-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 368ms
362ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ri=0326f46ef0365bbd682318086d1d2f8c&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&pi=/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&wi=7562072610410237323&pt=text&vi=1696251411444&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1696251412845%7D&tim=14%3A56%3A52.845&id=2450&llvl=2&cv=20231002-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:52 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 859ms
300ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.07488883383275313&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 564

GET
H2 200 next-up-widget.20231002-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 337ms
296ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20231002-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6ddfa797b0c1ede7e60f0164584a62079737cb19a0997691a12ae9605046ada

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ShwO2a8.w2dgxWidgRfVo1o2CBpPtPBD
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:53 GMT
x-amz-request-id: KYHTGHGMATCBHRJF
age: 7698
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4622
x-amz-id-2: jVw1ku1HoYfCWfX0vo+tMqzkQxwqS6MBAksB/iM0/R/OvzAd6iYF097dkL0ZuJeC77H26fO6mgk=
x-served-by: cache-ams21068-AMS
last-modified: Mon, 02 Oct 2023 10:48:35 GMT
server: AmazonS3
x-timer: S1696251413.174978,VS0,VE0
etag: "abca65cb109beebe80d1f005614c7a0c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 21
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 504

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 351ms
339ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ri=0326f46ef0365bbd682318086d1d2f8c&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&pi=/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&wi=7562072610410237323&pt=text&vi=1696251411444&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A2597%7D%22%2C%22eventTime%22%3A1696251412910%7D&tim=14%3A56%3A52.910&id=8096&llvl=2&cv=20231002-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 313ms
313ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=11906&lti=deflated&ri=0326f46ef0365bbd682318086d1d2f8c&sd=v2_9948eef3e2729f41dc3b1547686fba71_fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393_1696251411_1696251411_CNawjgYQ2YJdGPT32YOvMSABKAEwKziy0A1AvogQSNPb2QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&pi=/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&wi=7562072610410237323&pt=text&vi=1696251411444&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.484375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A56%3A52.974&id=5246&llvl=2&cv=20231002-5-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 289ms
288ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A52.998&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3099&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 97739

GET
H2 200 container.html Show response
d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC01 6 KB
3 KB 185ms
156ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:56:53 GMT
expires: Tue, 01 Oct 2024 12:56:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 155ms
155ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A53.369&type=info&msg=Start%20Rendering%20Next%20Up&llvl=2&id=1307&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 97023

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 161ms
161ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A53.374&type=info&msg=Finish%20Rendering%20Next%20Up&llvl=2&id=1357&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 97023

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 224ms
223ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A56%3A53.382&type=info&msg=Finish%20Rendering%20Next%20Up&llvl=2&id=8662&cv=20231002-5-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 97968

GET
H2 200 629dfa86227171d48b9add7486e1a14c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 139ms
138ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 131b7b6f2de2877da6acd13d298e826ca9f958e21b0795325f31a62120fe3807

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 02 Oct 2023 12:56:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/629dfa86227171d48b9add7486e1a14c.png
age: 1100956
edge-cache-tag: 461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461980016182532422853203095584589787985,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 209
expiration: expiry-date="Sun, 24 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://footballitarin.com/video_page.php?id=127686
content-length: 7746
x-backend-name: CH_nlb804
x-served-by: cache-iad-kiad7000088-IAD, cache-iad-kiad7000084-IAD, cache-iad-kcgs7200049-IAD, cache-ams21068-AMS
last-modified: Thu, 24 Aug 2023 01:18:11 GMT
server: nginx
surrogate-reporting: width=160,height=160,owidth=1344,oheight=896,obytes=2183212
x-timer: S1696251413.432449,VS0,VE1
etag: "d0128170b80ae3f72d7f0bc017645d98"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 3, 1

GET
H2 200 9a4ecf5109be16031d28e9a01fadb46f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 139ms
135ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a4ecf5109be16031d28e9a01fadb46f.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 40f23dc3b27ef94f29d1719f1a1c7ce2a3156a719ee0a56e919de605e7277976

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 02 Oct 2023 12:56:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9a4ecf5109be16031d28e9a01fadb46f.jpg
age: 3324330
edge-cache-tag: 628202487412726569341509448001726198285,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628202487412726569341509448001726198285,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 209
expiration: expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://usnewson.com/
content-length: 4662
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000130-IAD, cache-iad-kjyo7100065-IAD, cache-iad-kcgs7200140-IAD, cache-ams21068-AMS
last-modified: Tue, 01 Aug 2023 10:31:14 GMT
server: nginx
x-timer: S1696251413.442596,VS0,VE1
etag: "27df80056564a8b46a0991fafd335fdf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 135, 1

GET
H2 200 59424d11b67a146f36ab9dc351cbb9a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 134ms
133ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59424d11b67a146f36ab9dc351cbb9a9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 30389383e39d0ed549be33ff47a85afdc4e5b3b8b33ed46d1bb8fa40a1b6e48c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 02 Oct 2023 12:56:53 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59424d11b67a146f36ab9dc351cbb9a9.jpg
age: 1055724
edge-cache-tag: 319346970086859471899891715690691255847,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 319346970086859471899891715690691255847,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 84
expiration: expiry-date="Sat, 30 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tcpalm.com/
content-length: 5790
x-backend-name: CH_nlb802
x-served-by: cache-iad-kiad7000081-IAD, cache-iad-kiad7000052-IAD, cache-iad-kiad7000042-IAD, cache-ams21068-AMS
last-modified: Wed, 30 Aug 2023 16:13:39 GMT
server: nginx
surrogate-reporting: width=160,height=160,owidth=1000,oheight=667,obytes=577708
x-timer: S1696251413.442579,VS0,VE1
etag: "30cb7c2b1ce10cfe15e8f6b52f6caa79"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 17, 1

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
319 B 220ms
220ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=-2&tvi48=12611&tvi50=11906&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231002-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 115
date: Mon, 02 Oct 2023 12:56:53 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 64048
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21068-AMS
pragma: no-cache
server: nginx
x-timer: S1696251413.455768,VS0,VE115
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
136 B 132ms
132ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 9
content-length: 3
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
133 B 115ms
113ms XHR
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 02 Oct 2023 12:56:52 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 136ms
135ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 80fd1ba67c1a2a7c-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
701 B 128ms
107ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

ec82e621384c9f9219ed2a1c719d36cfb16d80226632188318c27a9346a5cf89

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
an-x-request-uuid: 1bb7945a-fcf1-4f5d-bdf9-e8d2e689af19
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.230.146.141; 194.230.146.141; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 109ms
87ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-3-65-53-73.eu-central-1.compute.amazonaws.com

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
138 B 275ms
243ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: fb2c87788c2161f731ec5abd9006ac83fcd23aa4d4b18993f7bf21e7d82276c4

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
41 B 122ms
91ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 02 Oct 2023 12:56:53 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
587 B 119ms
89ms XHR
application/json 3.65.53.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&tmax=2500

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.65.53.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
accept-ch: sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
x-auction-status: 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
824 B 139ms
112ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6465d2e076cbc048e1b88ecf89905eb703aa2f688d6c5930155219275035cb51

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Oct 2023 12:56:53 GMT

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
469 B 166ms
131ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: bd6e174eb9be5d6b7363b9873859a969707c3205804b6e70c21db0945036db67

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.130.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 15 KB
7 KB 301ms
231ms XHR
application/json 213.19.162.31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=988a1d01-70e3-4162-b9a9-6f229e4054f4%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E3%80%8A%E5%8D%8A%E5%B0%8E%E9%AB%94%E3%80%8B%E5%B1%95%E6%9C%9B%E4%BD%B3%EF%BC%8B%E5%A4%96%E8%B3%87%E8%B4%8A%E5%90%8C%E6%AC%A3%E9%9B%BB%E9%A3%86%E7%A0%B4300%E5%85%83%E5%A4%A9%E5%83%B9&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=c6b7b11a-eb09-4382-b7f7-63888cbc8ecc&l_pb_bid_id=720aa478564c981&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c6b7b11a-eb09-4382-b7f7-63888cbc8ecc&rp_maxbids=1&slots=1&rand=0.7382154795539893
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8d56fa90cebad77747531862ac4e7d9e5783d624984a5fea41b1e3a7aad63417

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
493 B 340ms
319ms XHR
application/json 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Mon, 02 Oct 2023 12:56:53 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
308 B 257ms
237ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29b18eb86c06cd23d9515dbc36ed35a98924223b351af7fc993270510e326c15

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yF5nUZR3gS2p3Wc7HUQDCWyAEi1HQMoPlm5ULOQtvna27MbdEXVEd%2FzJruL8ZpI8xDBHiaDnejACqVBrqZwR9aqB%2FnntxYG3bW5dA5Ll6s9hTb8Hu7QkuyNKeHDiu4ygjqInTgBo"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80fd1ba689c33c95-CDG
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
306 B 257ms
238ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29b18eb86c06cd23d9515dbc36ed35a98924223b351af7fc993270510e326c15

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yapb3O1Vp%2B5VAjlYGkhdGs65ITp6mC5xupQb7T02CTHJepCcaOprfZwe9RiIVuuZZOFp5oHzfQJmxf3G05Rtu2EjXBZQu0uua4vLB9CVYGOxzOhCfqcIe2D4xV4par2JBb7FGQgk"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80fd1ba689ce3c95-CDG
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
312 B 189ms
170ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29b18eb86c06cd23d9515dbc36ed35a98924223b351af7fc993270510e326c15

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X22Tzvma6VQ0ImZaWcr9%2FHfhq0H5nFl1r5XSTaAnQyrSY9nRVuknLPqogb9IMBo9b4BPcODsswE58qUmrUOg3EB6jfC4%2Flg1z3ClFJDsvJigigyB7Rn2OkJn1VrSh%2BnubgZAEsM%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80fd1ba689d03c95-CDG
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 18 KB
15 KB 353ms
247ms XHR
application/json 18.194.200.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.200.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5264aae25c4af11eaf5b1c4af960ca40247569f7bd1b2dbd79b138ae80b6dba5

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 02 Oct 2023 12:56:53 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 14744

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
779 B 128ms
111ms XHR
application/json 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10163
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1b1a726ace93f30396acbafcd728f86ca39e191a2c92dea99c487e4e00850ad8

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 256ms
241ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=80115873989&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 02 Oct 2023 12:56:52 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 socket.io.min.js Show response
cdn.socket.io/4.5.4/ 43 KB
13 KB 473ms
179ms Script
application/javascript 18.66.97.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.socket.io/4.5.4/socket.io.min.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-111.fra56.r.cloudfront.net

Software

Vercel /

Resource Hash

18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:50 GMT
content-encoding: gzip
via: 1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000
x-amz-cf-pop: FRA56-P2
age: 6070717
x-cache: Hit from cloudfront
content-disposition: inline; filename="socket.io.min.js"
server: Vercel
x-vercel-id: cdg1::5jf72-1690394030373-77073517fca8
etag: W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-amz-cf-id: tRERMYS89HIt-P56FxxSRzk7pBN-s_X_IAqfMACLvoldCGNi9C3Hog==

GET
H2 200 prebid.js Show response
cdn.unibotscdn.com/player/prebid/ 465 KB
150 KB 94ms
91ms Script
application/javascript 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: 3518aec29d9d15101a5c9a36164c0d18bf4cc9a38f870a5174ad9e3292201867

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: br
cdn-edgestorageid: 1048
cdn-storageserver: DE-588
cdn-cachedat: 09/22/2023 04:09:06
cdn-pullzone: 873945
last-modified: Wed, 02 Aug 2023 08:32:45 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64ca14ad-7435c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 3fb5386237cba64a67f3e3b8c7540ec9
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ Frame BC01 4 KB
744 B 182ms
179ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 12:49:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Oct 2023 12:56:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3418 2 KB
945 B 852ms
279ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 16:48:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 3418 23 KB
9 KB 850ms
280ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 16:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 16:48:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3418 3 KB
1 KB 846ms
276ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 06:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 06:31:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 3418 20 KB
8 KB 824ms
255ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 16:48:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3418 182 KB
58 KB 806ms
269ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:56:54 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 3418 36 KB
15 KB 654ms
112ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 10:18:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame BC01 20 KB
8 KB 821ms
267ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-144-228.compute-1.amazonaws.com

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 17:10:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 17:10:26 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BC01 205 B
296 B 694ms
167ms Image
image/png 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 532056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 Sep 2024 09:09:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BC01 604 B
919 B 692ms
166ms Image
image/png 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 15:52:04 GMT
x-content-type-options: nosniff
age: 75890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Sep 2024 15:52:04 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 1327ms
394ms Fetch
application/json 3.233.144.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvYmFuLWRhby10aS16aGFuLXdhbmctamlhLXdhaS16aS16YW4tdG9uZy14aW4tZGlhbi1iaWFvLXBvLTMwMHl1YW4tdGlhbi1qaWUuaHRtbA==.json Show response
cdn.adpushup.com/42753/ 555 B
245 B 433ms
433ms XHR
text/html 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvYmFuLWRhby10aS16aGFuLXdhbmctamlhLXdhaS16aS16YW4tdG9uZy14aW4tZGlhbi1iaWFvLXBvLTMwMHl1YW4tdGlhbi1qaWUuaHRtbA==.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 01 Oct 2024 12:56:54 GMT
date: Mon, 02 Oct 2023 12:56:49 GMT
content-encoding: br
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31536000
x-client-device: desktop
x-client-geo: CH

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
632 B 812ms
117ms Script
application/javascript 18.66.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-52.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:55:26 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 89
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: T5oP-lcjR4H_yRSHz-KVhl9leGvik_D_WoBjVxHcdHfTQe7lNPA1pQ==

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 6665 714 B
609 B 114ms
108ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 3137
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 80fd1ba84f8f026f-CDG
content-encoding: br
content-type: text/html
date: Mon, 02 Oct 2023 12:56:53 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDEWq7Ru2cCkq%2B926rnRJI7RjFmg0I0ujItvIUWipD0SKwJL43mV8hNiYojbr2w65AO9WSQnxc3pnmfJpHVskY7NaugMm0v7D0WDoYaFZOz68Xa6GAQIi4nVmLwJvF6iHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 54CC
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

504ms
106ms

Document
text/html

88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 02 Oct 2023 12:56:54 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 02 Oct 2023 12:56:54 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
273 B 996ms
418ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:54 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7651 18 KB
8 KB 821ms
201ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29569f880bb55639d60d9679ca7011d8366282cb2b3b8522903b916e58f81670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
server: cafe
etag: 9128301441809583949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:56:54 GMT

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 92ms
91ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9iYW4tZGFvLXRpLXpoYW4td2FuZy1qaWEtd2FpLXppLXphbi10b25nLXhpbi1kaWFuLWJpYW8tcG8tMzAweXVhbi10aWFuLWppZS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYTc1NDExMGItYWU5Mi00MTY1LTgyMzgtN2I0MzhmZGZlYTI4IiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6IjhkZTQ2YWM1LWI5YzItNGI2OC05ZDZiLWNhZGI0MGZjMDc3ZSIsInRpbWVPZkF1Y3Rpb24iOjE2OTYyNTE0MTI4MTYsImJpZHMiOlt7ImNwbSI6MC4wNSwiYWRJZCI6IjkxZDk2ZDlhMDZiY2U1MiIsIm9yaWdpbmFsQ3BtIjowLjA1LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzMzLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjI1MTQxMzc5Nn0seyJjcG0iOjAuMDIzMDI2NSwiYWRJZCI6IjkyNDFlMmE3MzczNmE5ZiIsIm9yaWdpbmFsQ3BtIjowLjAyNzA5LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMjMwMjY0OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM1OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTYyNTE0MTM4MzV9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoicnViaWNvbiIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiOTFkOTZkOWEwNmJjZTUyIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA1fV0sImNvdW50cnkiOiJDSCJ9&c_b=6009.5
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:53 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
13 KB 532ms
531ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=179827057835394&correlator=2922938514089315&eid=31078015%2C31068367&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dfa20ea4f4b947fe9%3AT%3D1696251412%3ART%3D1696251412%3AS%3DALNI_MY3WyBgoQhhotIy-xMkHhmHMxXBIQ&gpic=UID%3D00000c8a4aee29c9%3AT%3D1696251412%3ART%3D1696251412%3AS%3DALNI_MbiYfhUqktB9sCoxfRQ7TnVFnA0Yw&arp=1&abxe=1&dt=1696251413865&lmt=1696244213&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1566437459.1696251412&ga_sid=1696251412&ga_hid=1568887740&ga_fc=true&dlt=1696251410315&idt=1492&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_5_0%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.05%26hb_ap_adid%3D91d96d9a06bce52%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=2825066673&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac0e1e007d4205a480d9b0585755537cafa72f8a863c74192e8e8eb4714e0741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12787
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6665 98 KB
29 KB 182ms
182ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f5a4635faac7a82478fa78ffc3a1423722b56f269f6c0d8f3e9d3747817f71c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29364
x-xss-protection: 0
server: cafe
etag: 797 / 19632 / 31078333 / config-hash: 17269892211909561512
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:56:53 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
766 B 160ms
160ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 02 Oct 2023 12:56:54 GMT
via: 1.1 varnish
x-amz-request-id: ZFRPC3PFTHSKWAJC
age: 5675
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: I3ik5JowKcfEGbtrriHouz1flL96hfvN+S8YuupPMlmly2fde9Exqqba1OwCj7qV+igbuNUsCvE=
x-served-by: cache-ams21068-AMS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1696251414.087680,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 66
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 710

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 119 B
275 B 431ms
118ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: a68c1d954e93a0c25f6b5c5eb63c993ea3df54aa5c2290d8465d1de5c77d0677

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Oct 2023 12:56:54 GMT
Content-Length: 119
Content-Type: application/json; charset=utf-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ Frame 6665 413 KB
131 KB 110ms
110ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2940
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133452
x-xss-protection: 0
server: cafe
etag: 5291400228273913750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 01 Oct 2024 12:07:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 204ms
203ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2e00dff7a3f17cc85f379ed591440bb0c2013f43bbfdddb210a8290c194a418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Oct 2023 12:56:54 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 233ms
233ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231002-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:54 GMT
x-amz-request-id: QGKR13PZZQJQBXVH
age: 634
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: 1qtQVxWi/DHISGBHIO99deg4ePVGlY/71vCcXWbIc/jfDAWUGJ4XlnjrYRO633VuuJhSs6lOt9I=
x-served-by: cache-ams21068-AMS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1696251414.304381,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 45
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1004

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 233ms
233ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231002-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Mon, 02 Oct 2023 12:56:54 GMT
x-amz-request-id: VQM60MBKQFQCY8SS
age: 5249
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: c0fAurhn9vBgbP8wnJn2qGbHXMl5w9VV2jDxhusPnM555o+lMkYVqeqQaj6/ZFBDYNqAhNcfUlc=
x-served-by: cache-ams21068-AMS
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1696251414.304352,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1355

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6665 492 B
375 B 152ms
115ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3413551041692007&correlator=3855433141948061&eid=31078333&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1696251414430&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=w71b1mioept2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=682974345.1696251414&ga_sid=1696251414&ga_hid=1836036363&ga_fc=false&dlt=1696251413886&idt=515&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afa5026c01c052863eb384cd00d25d445990c026de1387d8c6fb1785a6d0b429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4145ba4976f095da2ee65b669d0665e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C534 6 KB
3 KB 187ms
118ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4145ba4976f095da2ee65b669d0665e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:56:54 GMT
expires: Tue, 01 Oct 2024 12:56:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 99ms
99ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39r0&_p=1568887740&cid=1566437459.1696251412&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696251414&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&dt=%E3%80%8A%E5%8D%8A%E5%B0%8E%E9%AB%94%E3%80%8B%E5%B1%95%E6%9C%9B%E4%BD%B3%EF%BC%8B%E5%A4%96%E8%B3%87%E8%B4%8A%20%E5%90%8C%E6%AC%A3%E9%9B%BB%E9%A3%86%E7%A0%B4300%E5%85%83%E5%A4%A9%E5%83%B9%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8602 6 KB
3 KB 78ms
77ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:56:53 GMT
expires: Tue, 01 Oct 2024 12:56:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
138 B 100ms
98ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-ams21022-AMS
date: Mon, 02 Oct 2023 12:56:54 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 54CC 35 KB
11 KB 97ms
97ms Script
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 17300e76bedfa2eff7351d57018c9dc281d2b7bdb8beee83de14bc3c29933040

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 07:34:42 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67055
Connection: keep-alive
Content-Length: 10473
Expires: Tue, 03 Oct 2023 07:34:29 GMT

GET
H2 200 bg3.co_1695642730139.js Show response
cdn.unibotscdn.com/clientdata/js/ 667 B
837 B 68ms
68ms Script
application/javascript 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: 4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
cdn-edgestorageid: 1048
cdn-storageserver: DE-662
cdn-cachedat: 09/26/2023 10:16:02
cdn-pullzone: 873945
last-modified: Tue, 26 Sep 2023 10:14:53 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6512af1d-29b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 8cc547641fee08b63e03e55f6db3b9f5
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 119 B
275 B 65ms
65ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: a68c1d954e93a0c25f6b5c5eb63c993ea3df54aa5c2290d8465d1de5c77d0677

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Oct 2023 12:56:54 GMT
Content-Length: 119
Content-Type: application/json; charset=utf-8

GET
H2 200 videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 975 B
1 KB 69ms
69ms Stylesheet
text/css 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: 7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-680
cdn-cachedat: 09/28/2023 14:29:50
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-3cf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: ff7f39a3638d51303dc7b827b9472f63
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 4 KB
2 KB 103ms
103ms Stylesheet
text/css 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-165
cdn-cachedat: 09/22/2023 13:07:19
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 576
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-eda"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 2b0de5ffd8aae34e119cf341a13ad886
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 39 KB
11 KB 112ms
112ms Stylesheet
text/css 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-662
cdn-cachedat: 09/28/2023 12:52:20
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:08 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf618-9cdf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: f09e3e3283b474bd6668f8cb8203d312
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 5 KB
2 KB 101ms
100ms Stylesheet
text/css 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: 838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
cdn-edgestorageid: 1078
cdn-storageserver: DE-680
cdn-cachedat: 09/28/2023 12:54:34
cdn-pullzone: 873945
last-modified: Fri, 25 Aug 2023 05:21:29 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64e83a59-1333"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 17b1305a2bb80fc44dc8bbe67406c044
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 358 KB
123 KB 762ms
230ms Script
text/javascript 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dea582ef1baf5e03535a91a5b3dc94658a3622fe76b34aa07634a7f3078ca007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125651
x-xss-protection: 0
expires: Mon, 02 Oct 2023 12:56:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7651 144 KB
50 KB 155ms
154ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c79de9438efdfb2d293f83321caa0708403a199ce5298b820ff2b56aaa2b77b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50681
x-xss-protection: 0
server: cafe
etag: 10259848743605086280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:56:54 GMT

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 77ms
77ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9iYW4tZGFvLXRpLXpoYW4td2FuZy1qaWEtd2FpLXppLXphbi10b25nLXhpbi1kaWFuLWJpYW8tcG8tMzAweXVhbi10aWFuLWppZS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYTc1NDExMGItYWU5Mi00MTY1LTgyMzgtN2I0MzhmZGZlYTI4IiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiIxMzVhOGQyYi05MDkxLTRlOWUtOGVhNi1lN2IyYjMzZDhlMWUiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk2MjUxNDEyNzEzLCJiaWRzIjpbeyJjcG0iOjAuMDIzMDI2NSwiYWRJZCI6Ijg5MDlmZGU2NTBjMTI3MyIsIm9yaWdpbmFsQ3BtIjowLjAyNzA5LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMjMwMjY0OTk5OTk5OTk5OTcsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjkxNSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTYyNTE0MTM2NTR9LHsiY3BtIjowLjA1MzMwMiwiYWRJZCI6IjkwMDMxNDA0YzVmMmNlYSIsIm9yaWdpbmFsQ3BtIjowLjA1MzMwMiwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDUzMzAyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoxMDA0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NjI1MTQxMzc5M31dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJydWJpY29uIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI5MDAzMTQwNGM1ZjJjZWEiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDUzMzAyfV0sImNvdW50cnkiOiJDSCJ9&c_b=6943.799999237061
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:54 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4BB6 478 B
242 B 733ms
232ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWTQfCaa82iS25mpe9nknsy4w_pihnKTPYVvBSXz-pkeWXdxP74qG3wbW0O8h267xk2Ez__TRLYSFujACB9B-hXl80U1Q

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:56:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8602 89 KB
31 KB 185ms
184ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adf78f79b0606670978e34ce28d41e3bd377aa7dfabf302119dccb61c4eb207d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31451
x-xss-protection: 0
server: cafe
etag: 13146691652413439477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:56:54 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8602 42 B
110 B 205ms
204ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJKbGy8x93nvoO25JrmROGG1AyrghPBY7GhIXUDzwlHajhzACRceNZY9t5ANnk4nE3PAtuvsjCz3JKBzZzj3lMNYLIarapQukRfs3YunlSD44-LIo

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8602 0
121 B 203ms
203ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11929537762369071834&x=1&ct=77

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 8602 3 KB
1 KB 76ms
75ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 06:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 06:31:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 8602 20 KB
8 KB 107ms
107ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 16:48:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8602 0
0 585ms
96ms Image
text/html 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyiTRdlUYCuuvJFJTNPl4gUc4L9O8cdoLnE67Or0OmCrFS5HHheC3khEB43Zxb-puVcOJIybBFJDhECGgVQlcnA9g9Kg
Requested by: Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8602 182 KB
57 KB 98ms
97ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:56:54 GMT

GET
H2 200 pixel;r=985613702;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c...
pixel.quantserve.com/ 35 B
372 B 109ms
99ms Image
image/gif 91.228.74.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=985613702;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1821622437-1696251413680;pbc=988a1d01-70e3-4162-b9a9-6f229e4054f4;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1696251414830;tzo=-120;ogl=;ses=3036850c-4cbf-4156-9b30-d199658777cb;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 390ms
390ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=179827057835394&correlator=3625865507689609&eid=31078015%2C31068367&output=ldjh&gdfp_req=1&vrg=202309260101&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dfa20ea4f4b947fe9%3AT%3D1696251412%3ART%3D1696251412%3AS%3DALNI_MY3WyBgoQhhotIy-xMkHhmHMxXBIQ&gpic=UID%3D00000c8a4aee29c9%3AT%3D1696251412%3ART%3D1696251412%3AS%3DALNI_MbiYfhUqktB9sCoxfRQ7TnVFnA0Yw&arp=1&abxe=1&dt=1696251414841&lmt=1696244214&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=1566437459.1696251412&ga_sid=1696251412&ga_hid=1568887740&ga_fc=true&dlt=1696251410315&idt=1492&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_5_0%26cluster_reporting%3Dchrome_DESKTOP_5_1_active_0%26refresh27Split%3Drefresh_experiment_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.05%26hb_ap_adid%3D90031404c5f2cea%26hb_ap_bidder%3Drubicon%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26adro%3Dv6_c&adks=1420297610&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b46ff4952405545bf98ec24fb08158c034b5b07381c07ccb1d640c40adf3f410

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12596
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6665 16 KB
12 KB 1990ms
1130ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d690e6bdd39dab78df7509e69b07579c533c86d883ab9c01976f7845360063f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12178
x-xss-protection: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 713ms
246ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=fd94289c-ca11-48a7-91d8-c96dcafba1ae-tuctc144393&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 Oct 2023 12:56:55 GMT
cache-control: no-store
server: nginx

GET
H2 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B0C 37 KB
15 KB 118ms
118ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 494321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:13 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 54CC 7 B
764 B 411ms
105ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/ Frame 7651 378 KB
128 KB 165ms
165ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3de2996530f4cc33c0be1128f759f4441ac2bb3709ece4a36cbf50ea813dd647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131213
x-xss-protection: 0
server: cafe
etag: 6671182830802536925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:56:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame AC27 10 KB
5 KB 246ms
188ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 5324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 11:28:11 GMT
etag: 2603938475786422795
expires: Mon, 16 Oct 2023 11:28:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8602 0
56 B 277ms
276ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3033590059768&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8602 0
56 B 271ms
270ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3033590059768&version=m202309120101&ct=77&x=1&cor=11929537762369071000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8602 16 KB
12 KB 186ms
160ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYrSF9dIfg6Wukk45tMEvzAfcYYuTzpXy9KaBtsAwWaaRjjUwiCqz69dCPaSGcga3xa0EBz1xnwzt0QiX_D3vWdLw8x7qcHzRCD1K4DmZUzF1lO2bJdfahLDPGNKzay_T1rb4sKAOdAMMrT_NlyBIp2XnVS18xH9bjygQUBgACXB9Q7vU&cry=1&dbm_d=AKAmf-DbHi716pCCdcChJsno4DjXOKslg5RRV9pnws8lQAL1brYHkROqYdKaE0RBkMnUzvzRpd8iSNH3ZCSupi2DWZepGZgAvRjzJ6NZ4Y10NKyu5NUE5gNZhLFhoyxjMvTtVkEsxc5xAHpXzMhSSs-elLOB24hY06kdq0yRcZ8iRF2Gle3uUweFLekeQb0DLD7HHVegNWwuoFPo8pQu_WNHOHhFkH7LEJDS2nvmmkEoHCMK06vvkz7nedhoM-lCh6F5aZ-da0DDt3NVVCINsugDN1KPnXeo4Wo5lyBLw18Ri6Fm36VgxJ00PrdgJL4rIa-nrK39z1Y1jNCswXG9FQLPGNt537dqtQOZa5eVLkNnzQCsheZefE8DporOF9g3_p9SgHHeZrTzOYem3eyVqNZadV_9gZEIWHjt2tQ8G-bzQNOL4Ap2LzwFaOGDZrjy_swaW7EJpqoNpHm2XI5cTTwg6BpTRH6HopXIzCIrb8ImLBcSVr_kNT1_TAmlD-OdBiST7zviw-1Ri2RHQHPh0ISkj0IYX4WJ5oVIuimY7dSHAm0muVSfITxR2ehPt_e9gbpM8M3InYai0OjW4V8_b62b7ptvCJz7L6V5VKNyIxH3i6DeNCr0PQ_YOwl2cSdVGCvXWjQz6RrjF92VKyBtG0xMtErIz2LNE0N2QGeEEuLPINq9TYlxcHf7y9817U_RIuyQv_6R3lBKMxez8QpADzGOcAWGx0Sx1dNrrzVTat9y_r7cNhh7KGtSse4QQ_tL0H0mEho3AIfs0cxvh9J0wFwz9E2tb3wB1GaAQ8_X6AQJdCg5599SPoqKXGJ6dlsy5Pz7zjZBNstc_mATb5fRnYPGqc89V61J4bbyN0wFcfnziCT62GAMb3Mp-YCUwzdY7W-u48nojDypTtiLTjQ5P2tCJAyDxMWEJYRNpqiI1V2LUFu8o1LcIVOT6UUw8Mz4-F5uEDNYnC1gQX9Ug81I6wWGsT60KkyoRxFxEQ1REpYlw7L6Dx1J3siAgxXpe-icYY0S_CLezPdqKOE_sxwL_AAwwjTVR1s1raVOEAP3KUmD8D4bGJIRn2geR6qeonzAaK_oMh794d-W2dWI9maGfZIjJcgnMM4paMxO70GLDtw9YmAjWRLywz3dxv6FfGCuop0NuFQeel06cjW4tQaqy9D-aM7SqrZVaLoVXiyFTjyAjIhEcL6tcq3Cl01DTFkkybSbuPJvUUBx7hsQD7kHgatkwdm2ei4LLjdIv9aSgqBj4_w2oHxP9F_jIiB8QSNvDu8tOXwCsnZMuE3F8GfNubS9FSVqG0yn4IJ_a-IJj3aL-f8BFTPUfHvFVIXFYA3ypm1rm3SnKLgJoe8gjXxPWIxAJ1A_RORwjXIYwyUWSfbt_2n0rpn-CaP0IpAqOG-gF5BbXy3z6zEXWsWXizR8uWSChbBHnPvfF9bC0MDzu6rjrrwSNa5hmnzkJqbfW9tUzVnaga1J173qZ8IsDqEGHdv8zDI4zMt1PWvFB4BI4ZaATFF8byyftOIaTDCHSNrZDSqPCg9e6KuvXnTfQNXsGny1fXXRuRyw3LuBXbip_lvD6wgUekDJMjJ0QZu4T1dth3gHHHNc8y-oWZz_jiEgVEe1H9-TrXSptucePC2pUfKIGjhOwM4Cku6cIuos8LwxXIT0QjBTYE-GoT5sC6P6JquSL2YGaZoI_YuDCSGP1_5WWkhozImc3qUIKu-_m7iJPS9k0Lxc8Lt2pNME8AlS2Dgq1BI0RdfByHD-1-L-UBY_JJ41aBHXh_sBDvGC6q51363vLRLAheRxu9H1dF4k715mS0GcFIfEFznThzqEMnnSbnBX2Ro0JW_abJniS5XbFzV6X3eKn4MBjJkxSRm6eZmVzTKxJUS1_nTd4FPRYIqzXZ7fp3I2LWO1V-jNaWk4XUDEH5Kld5NbY6qnMZ1DKOO97xgUJ7XDMz-_9XExrBtB0U1YVtN73G9A0XvEnAlVGVsrK3-enSfk13skESEwNE8BePB2wB8Dil2ph1bEjHnDerorFT2Br_yLacgEUYQSHrNNZW8uOzzK0JhUc4nDSgveSDMVcaj3LV98CBN7glhf2H_LCLWjmNe3n1qM46By77b136AhSLpaxGktNIsjawW_RRx8Ss2Mw8WniMvBufL1xzP8w4mGYhwA9OnMMDHAh-U2q9JAR1PjGAuKohHYGwC4UfDOFcW4hW3B4i44W__4TOWtCqqM1AU0KOcU7ci077wOsjgrJObbJI1xKxzkt_6A7JhxIORDjwxP8pTLWG64GGV8xUR2Ck22r1cTmO30Xs7q0B0BSIqiwZK1kyYBOznOmpq0oRFwgtRzkIMT6YqExS22fubVyQjpEQ8pzTlAw4WfKZ4kq8qzZanwdyH2HM8shHbNDF1dKIouCNy5QpXSKN01vJ_mQfjuGOiy2WRqfFbvy8usOqxW9xd_6bpLu1zQFtffMoST1Mm2YzsHYZVPPywGzYORtDj8jA2dBX_sSasTW8p6WVLvWSMfqtcsczDtK0yus1AUi8Wjsl9eeC3P4Oh3K7RFLUe6K_z9HJBsEoWf9aGmYIug4Ak0Qqgdn-T-a5xOeBIWX3MQnUX1eVFBOf0oct1-NI5K83FDVkSJoKjJrSjRYScTK0-gsdT44Lcmx9UJJ76lkmYlffH_WyDpHA9ictf3T4XzsicEqlAiq8ubZqryIaAGzl5vdc4ItY33cFi5y6LLTX0kAqXqxp1uItnjASct5gUA5h5cp62Ue7Cqg37tUqsq3f01je3I8NGsqgFX6qXQtOckOpqzBKbfOVU7uTiomsdugh0xQx5KlUVPEhsPnvGs8rmfL4JrtTENXY4rDvrhXjbdESHuJPoO965gTUp9r2qn-nnW5IB2NlS-M-DC5-NL2_rq5LyO06_JCA4DXAWjvVSalBabXfWXCaM2HDPhopwrc89S57xFNPeFlw5HWvLpp7ZbECg9NPgg41LviEERMBs79QwrhUzG8iXTznSlx15TdtgLvf7bvB9iUeZiTh9cMifeVGe3U2ciDZZ9arKNpZWtQgaIwh4PF1f-qGkymHHR7kscRT1z40fmvbQ4XGufV6ci-D42ttlvJRkJMzLjR9JgjPYeF2TfRDUXjAibN4eu7XZ4VIJ-ghJGHV6gacvBq5txIAYNn4-Q1kUcWA4cGmRwTU-zi_v2kmX_ol7eWrKiHod9tLPk8FjVFHorxI9vPfPs3QF___OHWpC4juGFPVY0uDZN2z35Y3WkMTjymRMS8_riEy1HAGWyib5rWvPK3X82hh0_n4AbQE4Dyv3uxDSDmA274XOXDPMTcgYp1einSPOSI1Kak7I6WWyhijbZJvcwk_t0NVNL1_a-liRknvAn_g3XfoIDfp3UzeNWU6ZFYBlm0qp_9sbHky-Y57uLs34XgKoZAok8MPrBQrMkLkwoefdDp3fWeuUhoiAzv76x3Qtmvwqn7ufwjj8N5DecPojVHFP21XB3EQ8GHM8HpboPDaJC13PtpLNRJX8ObY3k-n-JuzWN-xQJzNayhGGKGy3nb1k7BepzGsKwN53MpPp5y5O3Ta_xXyUH8OZRqQHMPtW7iy8BlzUaGxgoYrENwUwd4CzG7-xMGcY_M0e7WKGa1uYQz5ADkxFxdqCmaLcbAVZ54mdSquSm_ZVtjOTWpeIzjjmgGb0gKQaIJmGdO928Ulk1LBNNK1sHJRY8Xkv-Ug_NQ-0lLaUUPX86X0I58LPjMAIqGg5uRgr175WQWRNt49Mm-IHuEwIrOxTbqGft7ozf9e-UQkVWBrrPaTU6-7CvhrzBqfMoz5VKSy1Z6HwT3zYWVxVM6lvQGRzDs9j55gxTYY4UHbrGVYky-oQZ-8JgWxeJ3dY7YOkPARysMd8q5qkxtrIqsZC6kBZc7p7PrU8EkkNUa55-J2xPORvTpiufYn49l1qVEMztTDpRei6xokBtYZ_mo8ZIvJp4iV9eI9B0BV4vKf4lBCEd1ctO45CWspVhmeThzt-WKwQyFikOTZxyxWkkEpkzL42xTD7Pwh5dfznl5mBx5sNXM-zZXGUSv81UuYsfhN81YGdOQMZiHOEeHTA2rkqm69hnU05f_qX83sT8aqgyTN0apYPuETTUnAkLggQdHI1m99-eSth94SMZM4pOoVWRxYhUTZTFrWwdYGCsQPiYhT--8LHn&cid=CAQSPADICaaNAnQGTaholQawmYSHt_SJ10qki2jy8BdJlaQwu7ap5bgBiA6VJxo1672L-m2xu3vBBYQi4W6RQRgB&dc_eid=31078235&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=11929537762369071000&adk=2228999115&idt=209&cac=0&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

057307ee73bf3f4f8d9c10d3fb1217afbe0accc1f6b4cad24ff3ec17ddee9b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12223
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309151607000/ Frame 6773 223 KB
61 KB 130ms
128ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:59 GMT
age: 589556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62227
x-xss-protection: 0
server: sffe
etag: "41242159531b2c89"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:59 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 6773 15 KB
5 KB 182ms
180ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:59 GMT
age: 589556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "62ebb0de0df26f82"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 6773 94 KB
28 KB 185ms
184ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:59 GMT
age: 589556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29001
x-xss-protection: 0
server: sffe
etag: "c5564a9c7a93c19c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:59 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 6773 5 KB
2 KB 213ms
212ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:59 GMT
age: 589556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "dde9f9175af3842f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 6773 40 KB
13 KB 215ms
214ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309260101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:59 GMT
age: 589556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "97cee024b23d3389"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:59 GMT

GET
DATA 200
OK truncated
/ Frame 6773 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4684720f1ff8e206b37c3b969dc5b5d37e72e261a8ce3b53a0ffc8fbf092c30

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 17649515489902358461
tpc.googlesyndication.com/simgad/ Frame 6773 43 KB
43 KB 297ms
295ms Image
image/png 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17649515489902358461?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkdbJgXh2qUsN8LMO1wOmoHVMimmA

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a869d33391ec9a651f215388d74499c24cd3655a854cb386f4bd33cfada74e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:55 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43674
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 13:11:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 12:56:55 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6773 3 KB
3 KB 124ms
122ms Image
image/png 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 07:35:45 GMT
x-content-type-options: nosniff
server: cafe
age: 19270
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Tue, 03 Oct 2023 07:35:45 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6773 344 B
474 B 123ms
122ms Image
image/png 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-144-228.compute-1.amazonaws.com

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 21514
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Oct 2023 06:58:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6773 0
0 181ms
180ms Image
text/html 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlHfs6-OkjYNhEg7hXVDXSQUCs0CyOZ9qDlW6PO-xGunsdz_rhB4ZT0tb1KkYxghLLHOOOljEbfxJlD7U7LBOwJHhDhQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 304ms
303ms Fetch
application/json 3.233.144.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 02 Oct 2023 12:56:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0A0B 287 B
168 B 234ms
228ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3yIjGATAB&v=APEucNWkDgElQGV2OjaCoOmBFjKtSMjV5oeKUjsXaALM20yZ3BP3DcqTg4Q8GRtuRU9jTJ9tswrEC1b4hUwSr5ATyUd8FdCWWfWwRD4Gwh4W4WTJhnTDQtk

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54fceb645bc52a6e4d261bae97e40d4b3fd1307d8b1ddc1845307214605fe0ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:56:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9C41 89 KB
31 KB 197ms
188ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:56:55 GMT

GET
H2

200

sync
x.bidswitch.net/ Frame 9C41
Redirect Chain

https://aws-fr-sync.bidswitch.net/sync?ssp=themediagrid&dsp_id=16&imp=1
https://aws-fr-sync.bidswitch.net/ul_cb/sync?ssp=themediagrid&dsp_id=16&imp=1
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=themediagrid&bsw_param=48461918-1765-42ad-b960-8188df040c1b&google_hm=NDg0NjE5MTgtMTc2NS00MmFkLWI5NjAtODE4OGRmMDQ...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBmaBj6MheGDpUPFiTDHuVo&google_cver=1&ssp=themediagrid&bsw_param=48461918-1765-42ad-b960-8188df040c1b

43 B
145 B

98ms
98ms

Image
image/gif

3.65.107.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBmaBj6MheGDpUPFiTDHuVo&google_cver=1&ssp=themediagrid&bsw_param=48461918-1765-42ad-b960-8188df040c1b
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Server: 3.65.107.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-107-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBmaBj6MheGDpUPFiTDHuVo&google_cver=1&ssp=themediagrid&bsw_param=48461918-1765-42ad-b960-8188df040c1b
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RChAOYFb4aZcuSGIG4-wblhIrYCufpw5tp____M22i9IPkS8QASCD____eYfYPW...
media.grid.bidswitch.net/imp/UAhJDHvn7yTVBO-SqhEg1E7gEKi9KG4hgiWyoXvwNP5yk3JqKuCDtRvc9X0xDeme82lHxM2tpIk1jHihnMzjUF9kUOZ5kmg3pScmB5GafGoGVDC7JfPMJytEq0DFNLrJHWX42oomWkEMVptWzs9_moor6PkAFcw3KCiv6_Sc... Frame 9C41 43 B
196 B 511ms
85ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/UAhJDHvn7yTVBO-SqhEg1E7gEKi9KG4hgiWyoXvwNP5yk3JqKuCDtRvc9X0xDeme82lHxM2tpIk1jHihnMzjUF9kUOZ5kmg3pScmB5GafGoGVDC7JfPMJytEq0DFNLrJHWX42oomWkEMVptWzs9_moor6PkAFcw3KCiv6_ScVk54PEBtpRelIcEEQvtHCUwxlnB5zr7uOtY-K0iSCR-ZUHFhHqOOstpReJqKFnEjGOMtd5-yMtNXs2g6ouMuj5KYHRS8mPfHvuiByM0FLLGp3T0xijSMamMI98a9rLZH-EfkIp1QHX-CtWWpQnyJ0Qi0BRsdkNfAzxOqjuzInpG8oSWRDcZLAqrzGEebXkf5qyn6PNoXw5eq8kN46GI92BBIDJItNodEEA8uTIMaL1YLKBjodQ9RwQEGrWhGinqRYdXWgiRvOSArRC2YjwbklHS-TNhQ_zEAcD-VZj99bTgA42Yu0FnZobKZJKkmDvmctSaZc7aUP6vmYYjNS_Kyge1KScBnYPOkeY3s6dLcP9cc9-fpcg3-sE99we0FW-fgyuy8BBtELGgkqYnsrWRQD_e_4m4SMsDTua67r7QRu2vHOIOvrT-kaPc6qJTgu-JrynC5tv04ibBtEf_aPBMi1VEQ657i-bwHXmzXt85wXwQZms5UfwPFMa_gdKGg9ct-sqKO4Qdd5kF-jQVWp4CNt33Jqni-Q1WkinxJtXg6tGTIoo_7_ecbiAeq9Bkxf2Wdebjn8NPlBB4o2OzJeE92AK80a7eGM_rnnTmTcEr1pqUk746ws5lMop4vjeYYFGic7sLY5yXQj7FDsZXOiT8uu4UCUHSuazwezxm1AH0s3PXHzrj3KdedQpOaowYJ4jebmx3LIDQOcsVAzy0qmtRFb2eqAazuTM6v6VHLo2aSbMqMzmTifdFHaX9LoBMv0nB_y-78p-mbPf-4q2l5_K_g0lnyCdFj_7rXGzaUWjbFCTOICzfRCrhL3-tiTO6fMzko90BAzD2uf1vZA3UmTYkJgUZoWSraW0LuJ-SldWYEH5Bza23KWqKlG5BZcZYg_rRPi_GC0sH6UJxoR-lQ7ZinX88X7S-uszLSSNLX1fcBetHQflQeBqYuBOPnM3LX1pJHNxC7YAYkswQpz9w31DQikHJv0f44sQAGuhbS2-9TFsbmHD1guXwpPVaSjWWTm-8285rE1oWtMDFBX0uuP0c6OO_Rk_t8O7XGmueddV_8dCoxZcMlakZRIY90qpG4HE73ggNa6A/billingq8wT3K2w0s0pyK0Fh6DmkkLZCDuVJYj8rGZPWDqQbvbsw29J/https_A_B_Bghent-aws-fr.bidswitch.net_Bimp__s2s_B_I_WAUCTION__PRICE_X_BBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RChAOYFb4aZcuSGIG4-wblhIrYCufpw5tp____M22i9IPkS8QASCD____eYfYPWNu4GYBMgBCakC-7ODhIzEsT6oAwHIA5sEqgT8AU____QW3EwglIPhVdHR9YjoGCmcS0SzOaVmTr0qL83353ZYNH1HIVrCUraDqlUANwgKkQtlpIS5PgcQOdlJrh-BjUFmfGgp-OdL3J037bOCSZDxbWzDw0NTKa0OL2atUTqCUDer03hbaRe4lcAUDzyOlYKS0RN3yHIRgAa____Iz-3nANlPOXqaVafHvUSHh7Krmptx-xOFXxHBmD8kTOoZJJbpjotXQ-iC5vs5Lc00EQ1HWA7w____XMc4eZcwIpwXhUgAcGsqXr0Z5QGI7VuhHBYHDlYhg8Ci1T5z-5WYv4ShZ50oz49x6mA0MYuXUcxvOx7x6Jf2yPPfZF6bEjtT____LMAE6tu9jfwD4AQDiAWxn-b9PZIFBggDEAEYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCo6wEY98iIxgHSCBQIgGEQARhfMgKKAjoCgEBIvf3BOvIIFGJpZGRlci10aGVtZWRpYWdyaWRfmgkcaHR0cHM6Ly93d3cuc29iZXJiZXJsaW4uY29tL4AKBMgLAbATlbXRDsgTyYva3wPQEwDYEwPYFAHQFQGAFwGyFwgKBggAEgAYAA__Jsigh__RdqAcZH7YauQ__Juach____m__R__EUACH__F__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNo8JRQiznkahRGskl8zAVRF8NBFS1OJoPbKsuUNkqKwcVgtuZjqHjoii-E3YJGAE_BNBwPDkpVK2kGzlwlvVy-GgyrDdrcl15KdRBQi9q4O5K1__sNgdiPGURblyaFFvijiSzGHLSYO46OezoBBOkzXsaWQGtRSoLHw1H__ztC9YGTYLPW9YTl8GnMlsyolJGamJfDhdu2Dvbq8Z8k__LSCemxy2nvMkrQfnrmBktj088VZFTBiYcQgFNQE__okKLuWxTaU6Wv72ZGnZ0fUHJwleqljcdZfZvBC-UqiU29Wk5fxEBMQpKuFTgHh7l1uN7QYHbBy7Invc3uGVMRzYTzCm6CZYpC8AL73j1zWLATwGumGbZn7l7eM04PMWKuWwVVotdVh6k2sOikDnURTOWQPLGw7gAyXR0zUOfLvZRYVRHPNBsyn-Gem-__TS1fSa2SXY3__zIyN-uxXnQGVsKRxlI06lv4GL2o1wiV8J7oJUYTU5b__G8incyNHdty5aDHUPt4-Qh2plj9XAZBhM0lU7ZF62zixZb__YQEWfQhDzp3sa17MkbqSp3zhbzrMwCA3o3aDd9Qjcey0-mhra2CV49DgKCJXj4gHo13E0AumUQAPf-LwWyt__MJZtq1FBGLz-ILahspTLIVZpzN657H0QpcYn8NryEv6oVu0v58BO5L-k7ZNn2a5JnQbsOOvRXJlCY00n8q2JsTx4ottQ3z-hTWSw3QMG2ec7UZC2YMqQVKYwQPAai__aymgU8vDikGEe8VZbBboU7B4O2EQDFAW8AwexV3l83SZTtfBCwGvd__LVR6WmRY6jk5VOEd9eN7lcRWx__rLreYwp0u51nSGdVjdqDSk1UXHKWMHAwSzc1jIoF4QO1aiLapANITEsTn7EBPg40I80MzhsoWMpQrz8__xNX9ig-GhvwD8IIFghWyKuS40VhUw8K0wfKfVb2vRBs3UxfyOJ13BvEqflUj4RPrAhU-jRmPOc86BYyeKJyZw1LHHmOStaGZT7o8QImYhkeEEUiIixi5Z5YWk9RVJAYa4YkHLTcZNGkIz4zV-u__xq__m0SDipNtu-L6ZPOCBN6tLfMwqYdJt0T5TkkYnC9DOjp-xtiWpj3Wy-hnR__AtlR0RVzpVcNZ__0ohnrNRVDvRuAyGmeyqCzTJi5dSrDDqDmoEUoRZDqt-eq9qcE8nLzU8IDMuo24jUf5teLDXdIFpr8WAlRCGVgXHOaq6Eh__X__-n-EMOg11X__WGedOdNzjbWxCKx6-lxMjTp8lVR6MkZsOtJ__ODyyaVatpXbiP-G0__oUn29WGD7--SIYM6S-arvaBu8GAJA_B
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 9C41 0
122 B 1737ms
190ms Image
text/plain 178.250.7.62
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=bg3.co&bid_id=d9c735ce-d640-4809-92e9-3ddce0398d00&ads_txt_id=GJXPHY&has_bsw_id=0&bid_price_usd=0.02709

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.62 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C41 42 B
107 B 261ms
256ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cacl2qEUcvZJMhSXqm1h9SVtGTSZPOQXLWDg4togAGx6o48Oa-RCNecEwfNBPGCz3Dq3zK-sCUv3prbTIItUfAmcczflwJTnMglqz9gWPL5GgJM5I

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C41 0
56 B 261ms
256ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17315597703132428016&x=38&ct=77

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-144-228.compute-1.amazonaws.com

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 389ms
385ms Fetch
application/json 3.233.144.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 02 Oct 2023 12:56:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 183ms
180ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9iYW4tZGFvLXRpLXpoYW4td2FuZy1qaWEtd2FpLXppLXphbi10b25nLXhpbi1kaWFuLWJpYW8tcG8tMzAweXVhbi10aWFuLWppZS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYTc1NDExMGItYWU5Mi00MTY1LTgyMzgtN2I0MzhmZGZlYTI4IiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDIzMDI2NDk5OTk5OTk5OTk3LCJyZXNwb25zZVRpbWUiOjkxNSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiYWRsaXZldGVjaCIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMDIzMDI2NDk5OTk5OTk5OTk3LCJ3aW5uZXJBZFVuaXRJZCI6Ijg5MDlmZGU2NTBjMTI3MyIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjMwMHgyNTAiLCJwcmViaWRBdWN0aW9uSWQiOiIxMzVhOGQyYi05MDkxLTRlOWUtOGVhNi1lN2IyYjMzZDhlMWUiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=7494.799999237061
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 54CC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LN8WAN9V-17-IY34
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LN8WAN9V-17-IY34
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/24a140b9-aa69-32bc-90cb-1a9a7c316476?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-aHH77PhE2oUXclcpoqCOgUj6ZTfIn8wXaYphK54-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
148 B

126ms
126ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date: Mon, 02 Oct 2023 12:56:58 GMT
Connection: close
Content-Length: 111
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 1717ms
195ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 03 Oct 2023 12:56:56 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 54CC
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/auXjoJ8NuxJHJKoLOsR_Ycn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-blB5jKhE2oIMEUZUYNq_MJK8pgvIXKRCDZ.6Rg--~A

42 B
677 B

94ms
94ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-blB5jKhE2oIMEUZUYNq_MJK8pgvIXKRCDZ.6Rg--~A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 02 Oct 2023 12:56:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-blB5jKhE2oIMEUZUYNq_MJK8pgvIXKRCDZ.6Rg--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 54CC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=IsE59FNwS0eY18VMm6NpNA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IsE59FNwS0eY18VMm6NpNA

43 B
720 B

484ms
476ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IsE59FNwS0eY18VMm6NpNA

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CNDS11V2VH8NTKZX54WR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=IsE59FNwS0eY18VMm6NpNA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 54CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJvvgjdVWkat7GAjiTSsCBk&google_cver=1

42 B
677 B

970ms
965ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJvvgjdVWkat7GAjiTSsCBk&google_cver=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJvvgjdVWkat7GAjiTSsCBk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54CC
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE44V0FOOVYtMTctSVkzNA==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENvlZL83oixNm0kyff7mi2k&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE44V0FOOVYtMTctSVkzNA==&google_push=

170 B
188 B

125ms
120ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE44V0FOOVYtMTctSVkzNA==&google_push=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE44V0FOOVYtMTctSVkzNA==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 54CC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

43 B
855 B

768ms
640ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1C8NHWVXJ33Y4TBPRRKT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ABQ5BXPS5B57Q2DMWTJ4
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 54CC
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGUzNGVjMzUyZjUwMjExMzEzZWVmM2UxOGEyZTA3MzU3OTI5M2MxMQ

170 B
188 B

101ms
99ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGUzNGVjMzUyZjUwMjExMzEzZWVmM2UxOGEyZTA3MzU3OTI5M2MxMQ

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a2-16-164-25.deploy.static.akamaitechnologies.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGUzNGVjMzUyZjUwMjExMzEzZWVmM2UxOGEyZTA3MzU3OTI5M2MxMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 54CC
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN8WAN9V-17-IY34

0
868 B

748ms
289ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN8WAN9V-17-IY34
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B7AF9FD7EE934D759FBFBB83926ACDAC Ref B: GVA30EDGE0109 Ref C: 2023-10-02T12:56:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGu08wrQSPnw9US5IdgQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN8WAN9V-17-IY34
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 54CC 70 B
149 B 367ms
108ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:55 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 54CC
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABvPE7KNXwAABgcc-dC6g&expires=30

42 B
677 B

168ms
82ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABvPE7KNXwAABgcc-dC6g&expires=30
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABvPE7KNXwAABgcc-dC6g&expires=30
Date: Mon, 02 Oct 2023 12:56:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 54CC
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LN8WAN9V-17-IY34&redir=true
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LN8WAN9V-17-IY34&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LN8WAN9V-17-IY34&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sVHBMS2Z0RTJ1RTFYMVlZQU5JYVFnTmxXUWluUHFMSH5B&ovsid=LN8WAN9V-17-IY34&dpid=58160

53 B
480 B

410ms
127ms

Image
image/gif

2.16.164.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sVHBMS2Z0RTJ1RTFYMVlZQU5JYVFnTmxXUWluUHFMSH5B&ovsid=LN8WAN9V-17-IY34&dpid=58160

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Server

2.16.164.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 02 Oct 2023 12:56:58 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Mon, 02 Oct 2023 12:56:58 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1sVHBMS2Z0RTJ1RTFYMVlZQU5JYVFnTmxXUWluUHFMSH5B&ovsid=LN8WAN9V-17-IY34&dpid=58160
date: Mon, 02 Oct 2023 12:56:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 54CC
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d7ba4241-f78a-48bc-8562-90ef331d5e2e&expires=30

42 B
677 B

341ms
335ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d7ba4241-f78a-48bc-8562-90ef331d5e2e&expires=30
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d7ba4241-f78a-48bc-8562-90ef331d5e2e&expires=30
Date: Mon, 02 Oct 2023 12:56:57 GMT
Connection: keep-alive
X-CI-RTID: 18c8d3e4-04f1-4c78-8a5e-2943ab02823a
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 54CC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN8WAN9V-17-IY34

0
501 B

964ms
152ms

Image
text/html

13.32.99.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN8WAN9V-17-IY34
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Server: 13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-20.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: h3n80vrvn49P5uxSeoovWSbcmBkhgglkh-2qU6UKQ3ER7ETXI5lHVA==

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LN8WAN9V-17-IY34
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8602 41 KB
14 KB 182ms
181ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYrSF9dIfg6Wukk45tMEvzAfcYYuTzpXy9KaBtsAwWaaRjjUwiCqz69dCPaSGcga3xa0EBz1xnwzt0QiX_D3vWdLw8x7qcHzRCD1K4DmZUzF1lO2bJdfahLDPGNKzay_T1rb4sKAOdAMMrT_NlyBIp2XnVS18xH9bjygQUBgACXB9Q7vU&cry=1&dbm_d=AKAmf-DbHi716pCCdcChJsno4DjXOKslg5RRV9pnws8lQAL1brYHkROqYdKaE0RBkMnUzvzRpd8iSNH3ZCSupi2DWZepGZgAvRjzJ6NZ4Y10NKyu5NUE5gNZhLFhoyxjMvTtVkEsxc5xAHpXzMhSSs-elLOB24hY06kdq0yRcZ8iRF2Gle3uUweFLekeQb0DLD7HHVegNWwuoFPo8pQu_WNHOHhFkH7LEJDS2nvmmkEoHCMK06vvkz7nedhoM-lCh6F5aZ-da0DDt3NVVCINsugDN1KPnXeo4Wo5lyBLw18Ri6Fm36VgxJ00PrdgJL4rIa-nrK39z1Y1jNCswXG9FQLPGNt537dqtQOZa5eVLkNnzQCsheZefE8DporOF9g3_p9SgHHeZrTzOYem3eyVqNZadV_9gZEIWHjt2tQ8G-bzQNOL4Ap2LzwFaOGDZrjy_swaW7EJpqoNpHm2XI5cTTwg6BpTRH6HopXIzCIrb8ImLBcSVr_kNT1_TAmlD-OdBiST7zviw-1Ri2RHQHPh0ISkj0IYX4WJ5oVIuimY7dSHAm0muVSfITxR2ehPt_e9gbpM8M3InYai0OjW4V8_b62b7ptvCJz7L6V5VKNyIxH3i6DeNCr0PQ_YOwl2cSdVGCvXWjQz6RrjF92VKyBtG0xMtErIz2LNE0N2QGeEEuLPINq9TYlxcHf7y9817U_RIuyQv_6R3lBKMxez8QpADzGOcAWGx0Sx1dNrrzVTat9y_r7cNhh7KGtSse4QQ_tL0H0mEho3AIfs0cxvh9J0wFwz9E2tb3wB1GaAQ8_X6AQJdCg5599SPoqKXGJ6dlsy5Pz7zjZBNstc_mATb5fRnYPGqc89V61J4bbyN0wFcfnziCT62GAMb3Mp-YCUwzdY7W-u48nojDypTtiLTjQ5P2tCJAyDxMWEJYRNpqiI1V2LUFu8o1LcIVOT6UUw8Mz4-F5uEDNYnC1gQX9Ug81I6wWGsT60KkyoRxFxEQ1REpYlw7L6Dx1J3siAgxXpe-icYY0S_CLezPdqKOE_sxwL_AAwwjTVR1s1raVOEAP3KUmD8D4bGJIRn2geR6qeonzAaK_oMh794d-W2dWI9maGfZIjJcgnMM4paMxO70GLDtw9YmAjWRLywz3dxv6FfGCuop0NuFQeel06cjW4tQaqy9D-aM7SqrZVaLoVXiyFTjyAjIhEcL6tcq3Cl01DTFkkybSbuPJvUUBx7hsQD7kHgatkwdm2ei4LLjdIv9aSgqBj4_w2oHxP9F_jIiB8QSNvDu8tOXwCsnZMuE3F8GfNubS9FSVqG0yn4IJ_a-IJj3aL-f8BFTPUfHvFVIXFYA3ypm1rm3SnKLgJoe8gjXxPWIxAJ1A_RORwjXIYwyUWSfbt_2n0rpn-CaP0IpAqOG-gF5BbXy3z6zEXWsWXizR8uWSChbBHnPvfF9bC0MDzu6rjrrwSNa5hmnzkJqbfW9tUzVnaga1J173qZ8IsDqEGHdv8zDI4zMt1PWvFB4BI4ZaATFF8byyftOIaTDCHSNrZDSqPCg9e6KuvXnTfQNXsGny1fXXRuRyw3LuBXbip_lvD6wgUekDJMjJ0QZu4T1dth3gHHHNc8y-oWZz_jiEgVEe1H9-TrXSptucePC2pUfKIGjhOwM4Cku6cIuos8LwxXIT0QjBTYE-GoT5sC6P6JquSL2YGaZoI_YuDCSGP1_5WWkhozImc3qUIKu-_m7iJPS9k0Lxc8Lt2pNME8AlS2Dgq1BI0RdfByHD-1-L-UBY_JJ41aBHXh_sBDvGC6q51363vLRLAheRxu9H1dF4k715mS0GcFIfEFznThzqEMnnSbnBX2Ro0JW_abJniS5XbFzV6X3eKn4MBjJkxSRm6eZmVzTKxJUS1_nTd4FPRYIqzXZ7fp3I2LWO1V-jNaWk4XUDEH5Kld5NbY6qnMZ1DKOO97xgUJ7XDMz-_9XExrBtB0U1YVtN73G9A0XvEnAlVGVsrK3-enSfk13skESEwNE8BePB2wB8Dil2ph1bEjHnDerorFT2Br_yLacgEUYQSHrNNZW8uOzzK0JhUc4nDSgveSDMVcaj3LV98CBN7glhf2H_LCLWjmNe3n1qM46By77b136AhSLpaxGktNIsjawW_RRx8Ss2Mw8WniMvBufL1xzP8w4mGYhwA9OnMMDHAh-U2q9JAR1PjGAuKohHYGwC4UfDOFcW4hW3B4i44W__4TOWtCqqM1AU0KOcU7ci077wOsjgrJObbJI1xKxzkt_6A7JhxIORDjwxP8pTLWG64GGV8xUR2Ck22r1cTmO30Xs7q0B0BSIqiwZK1kyYBOznOmpq0oRFwgtRzkIMT6YqExS22fubVyQjpEQ8pzTlAw4WfKZ4kq8qzZanwdyH2HM8shHbNDF1dKIouCNy5QpXSKN01vJ_mQfjuGOiy2WRqfFbvy8usOqxW9xd_6bpLu1zQFtffMoST1Mm2YzsHYZVPPywGzYORtDj8jA2dBX_sSasTW8p6WVLvWSMfqtcsczDtK0yus1AUi8Wjsl9eeC3P4Oh3K7RFLUe6K_z9HJBsEoWf9aGmYIug4Ak0Qqgdn-T-a5xOeBIWX3MQnUX1eVFBOf0oct1-NI5K83FDVkSJoKjJrSjRYScTK0-gsdT44Lcmx9UJJ76lkmYlffH_WyDpHA9ictf3T4XzsicEqlAiq8ubZqryIaAGzl5vdc4ItY33cFi5y6LLTX0kAqXqxp1uItnjASct5gUA5h5cp62Ue7Cqg37tUqsq3f01je3I8NGsqgFX6qXQtOckOpqzBKbfOVU7uTiomsdugh0xQx5KlUVPEhsPnvGs8rmfL4JrtTENXY4rDvrhXjbdESHuJPoO965gTUp9r2qn-nnW5IB2NlS-M-DC5-NL2_rq5LyO06_JCA4DXAWjvVSalBabXfWXCaM2HDPhopwrc89S57xFNPeFlw5HWvLpp7ZbECg9NPgg41LviEERMBs79QwrhUzG8iXTznSlx15TdtgLvf7bvB9iUeZiTh9cMifeVGe3U2ciDZZ9arKNpZWtQgaIwh4PF1f-qGkymHHR7kscRT1z40fmvbQ4XGufV6ci-D42ttlvJRkJMzLjR9JgjPYeF2TfRDUXjAibN4eu7XZ4VIJ-ghJGHV6gacvBq5txIAYNn4-Q1kUcWA4cGmRwTU-zi_v2kmX_ol7eWrKiHod9tLPk8FjVFHorxI9vPfPs3QF___OHWpC4juGFPVY0uDZN2z35Y3WkMTjymRMS8_riEy1HAGWyib5rWvPK3X82hh0_n4AbQE4Dyv3uxDSDmA274XOXDPMTcgYp1einSPOSI1Kak7I6WWyhijbZJvcwk_t0NVNL1_a-liRknvAn_g3XfoIDfp3UzeNWU6ZFYBlm0qp_9sbHky-Y57uLs34XgKoZAok8MPrBQrMkLkwoefdDp3fWeuUhoiAzv76x3Qtmvwqn7ufwjj8N5DecPojVHFP21XB3EQ8GHM8HpboPDaJC13PtpLNRJX8ObY3k-n-JuzWN-xQJzNayhGGKGy3nb1k7BepzGsKwN53MpPp5y5O3Ta_xXyUH8OZRqQHMPtW7iy8BlzUaGxgoYrENwUwd4CzG7-xMGcY_M0e7WKGa1uYQz5ADkxFxdqCmaLcbAVZ54mdSquSm_ZVtjOTWpeIzjjmgGb0gKQaIJmGdO928Ulk1LBNNK1sHJRY8Xkv-Ug_NQ-0lLaUUPX86X0I58LPjMAIqGg5uRgr175WQWRNt49Mm-IHuEwIrOxTbqGft7ozf9e-UQkVWBrrPaTU6-7CvhrzBqfMoz5VKSy1Z6HwT3zYWVxVM6lvQGRzDs9j55gxTYY4UHbrGVYky-oQZ-8JgWxeJ3dY7YOkPARysMd8q5qkxtrIqsZC6kBZc7p7PrU8EkkNUa55-J2xPORvTpiufYn49l1qVEMztTDpRei6xokBtYZ_mo8ZIvJp4iV9eI9B0BV4vKf4lBCEd1ctO45CWspVhmeThzt-WKwQyFikOTZxyxWkkEpkzL42xTD7Pwh5dfznl5mBx5sNXM-zZXGUSv81UuYsfhN81YGdOQMZiHOEeHTA2rkqm69hnU05f_qX83sT8aqgyTN0apYPuETTUnAkLggQdHI1m99-eSth94SMZM4pOoVWRxYhUTZTFrWwdYGCsQPiYhT--8LHn&cid=CAQSPADICaaNAnQGTaholQawmYSHt_SJ10qki2jy8BdJlaQwu7ap5bgBiA6VJxo1672L-m2xu3vBBYQi4W6RQRgB&dc_eid=31078235&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=11929537762369071000&adk=2228999115&idt=209&cac=0&dtd=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 280711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H/1.1 200
OK so0m3m0ljrhx Show response
hal9000.redintelligence.net/zone/ Frame 8602 12 KB
4 KB 344ms
95ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/so0m3m0ljrhx?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4h2QFb4aZb3MOpio7gP1hqqADZHB0Jtp2--DktwP8C4QASC6hMAzYPWNu4GYBMgBCakCa1rdVkKusT6oAwHIA5sEqgSWAk_QSq0r3d0lwJZcH9I8umsEPjNJ2tcuRHt93BHH_4YhjW4YqAcO2zdDAsiGop7wKkDboGCkszXZV19PA8shcU4S2wdwM7UWUu80Fh2LC95GcrxJ_lYbG0_-U1n_AzB7aGH0_VWmd-iqvCGJLvisXJ_3sPbNI0PI7Ak1JW2_9UXoA074YMyEy9g3wHJWPqFPWnVZhHE1qP1-cMXKtRvIcDMYB1DUQ15gLk63IGyb5cQZ0m22w6BbMrG93g4cl-boTCDzJoooMksdDJ4mBA1smHX2PSeXj5RKmrzDG-kSj77ofjoxYLKgAEJra1tAKyjrTQnvgmxbSuSWWkwviX4fmKW46Jr7oC9tfoJiJLIm-jgVoIZLkWNDwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCIvt6Pe014EDFRiUewoddYMK0LATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI_arq97TXgQMVGJR7Ch11gwrQEAEYASAAEgIk6vD_BwE%26num%3D1%26cid%3DCAQSPADICaaNAnQGTaholQawmYSHt_SJ10qki2jy8BdJlaQwu7ap5bgBiA6VJxo1672L-m2xu3vBBYQi4W6RQRgB%26sig%3DAOD64_1MQCvSghrwL55PkYBfFO7pb_FUWA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcxP5vu4DAG3OdvYZ8JyLrfFm-DB30q4zTIGBj_y0IH-EtlBuCf23PcG0Qt_CBF2BOGhTyeQ-pdRNj22InxbFk3bht2zNOie0E_gg_scGUmhopy8Vzz4ECJioWpF_OE-RR_x_sruNnQ_tQ-jRDO3jGvebYiOb8cPJoiX7yWmSOr8USaAE%26cry%3D1%26dbm_d%3DAKAmf-AExXsM6BMgLkmRlri7TW3UxwTeVryf_rP8o6m63iruEBPxTaopMOG3Q_EqX45L-Ftm4XvTr8-04RRd3uawV2Yn2GGo3FiMKNh2mW0FaNdUuM77VJ-xVJv48z25yyktSE4L1lHyqA3mYt7IzCUfSWZO6r6fn7HLVdnHgfw6_i4zr4SLfDJcOpSRr75fq36Er2u8mvBsih7TzJKmRNMSa0g2OkTEeInO_u0dGFb3qZq9e2NOg5cb1u2QFlsAYZBrwqt6J7NvvLayqIjgALukN4lSIwHxew6AoRDmgSvPk3pfBRGyWuBmxmiWxF8gXJjaIDnIpG5k10YwfWzZFOvX4dgQZXmDaMu1sxX3aD8B9SmlYmmkgrq0OmeGFlJoC81VRrHo0B7xREKHJJEoHEaliwvuoRdPQ6h8BqBvebJfPb0kfch3hlutREhb9zujS59Pt22yUCZVUnhjpkrIeN7dBFYTIdbB2hVzwKcgSKlpQtT07r9sWz-mTA7CwbXrQYZ8d4irg2IE0sE-cCNzWEu_0RQjiIDo9z26gnfW3oY8iO3nzgUAOfO6nGSi61mTMgLNmavavXTh38TLUTJsp2SeKo2ObbVTfi-zfh4oHFrkLjXqtZkuskz2VNP43sBds2e5KFX6QyvNZEyS8-KEFoHewx9BjX8VhQ%26adurl%3D
Requested by: Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c94e6ce3531ae45ed31972ffe435b461cf92ed0d423c3b1d0bad273a6953a6b5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4347
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 4BB6 170 B
409 B 209ms
90ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWTQfCaa82iS25mpe9nknsy4w_pihnKTPYVvBSXz-pkeWXdxP74qG3wbW0O8h267xk2Ez__TRLYSFujACB9B-hXl80U1Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4BB6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjvxy1Re4OBRMLxtH49jE0&google_cver=1

43 B
768 B

987ms
984ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjvxy1Re4OBRMLxtH49jE0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWTQfCaa82iS25mpe9nknsy4w_pihnKTPYVvBSXz-pkeWXdxP74qG3wbW0O8h267xk2Ez__TRLYSFujACB9B-hXl80U1Q
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azHZ3Y4rCP4VrPCvO3rSpKxOQcj3r%2B7Y%2BMAGRSX0fQYFStiTHcFXvjuZZaSQo9KsGHT1n0iUqKvm9X4uXY%2F9Pt5xAgLw99ejUmoVXBpvysW1IiR73BLpkYIn3Q2XtkB14mCDc8I4i5JAgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bb83b76f0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjvxy1Re4OBRMLxtH49jE0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4BB6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRq.FwGx7EBbbpg2QLa.1gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjvxy1Re4OBRMLxtH49jE0&google_cver=1&google_hm=2

43 B
732 B

142ms
141ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjvxy1Re4OBRMLxtH49jE0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiXyYjGATAB&v=APEucNWTQfCaa82iS25mpe9nknsy4w_pihnKTPYVvBSXz-pkeWXdxP74qG3wbW0O8h267xk2Ez__TRLYSFujACB9B-hXl80U1Q
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULMgn0EAtP95dtefq4YK6Wkkqyl85a%2BhOkBtsBOEFTiftj4MfUQiMGfxUmMYT7XTEURukBLQJO5vla23CPkY8t1y%2BS92wPWMd%2B%2FglIcITAi9OhFBR60DhZ0AhzrC2n2bibfEhcO2OAc7Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bbd79ecf0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDjvxy1Re4OBRMLxtH49jE0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6773
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

996ms
996ms

Image
text/html

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 02 Oct 2023 12:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 0A0B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEIcRit6wE0mL-8jtnWMQMmg&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEIcRit6wE0mL-8jtnWMQMmg&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=da21f3f547511a22967b5b8f53711a83&uid=da21f3f547511a22967b5b8f53711...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
148 B

375ms
374ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3yIjGATAB&v=APEucNWkDgElQGV2OjaCoOmBFjKtSMjV5oeKUjsXaALM20yZ3BP3DcqTg4Q8GRtuRU9jTJ9tswrEC1b4hUwSr5ATyUd8FdCWWfWwRD4Gwh4W4WTJhnTDQtk
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:57 GMT
Last-Modified: Mon, 02 Oct 2023 12:56:57 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ad.sxp.smartclip.net/ Frame 0A0B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOcXNXIFAmKVxKovVdye3X4&gdpr=0&google_cver=1
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOcXNXIFAmKVxKovVdye3X4&gdpr=0&google_cver=1&ang_testid=1

42 B
445 B

132ms
130ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOcXNXIFAmKVxKovVdye3X4&gdpr=0&google_cver=1&ang_testid=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3yIjGATAB&v=APEucNWkDgElQGV2OjaCoOmBFjKtSMjV5oeKUjsXaALM20yZ3BP3DcqTg4Q8GRtuRU9jTJ9tswrEC1b4hUwSr5ATyUd8FdCWWfWwRD4Gwh4W4WTJhnTDQtk
Protocol: H2
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 02 Oct 2023 12:56:57 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOcXNXIFAmKVxKovVdye3X4&gdpr=0&google_cver=1&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C41 0
56 B 1128ms
1128ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7159951042969&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C41 0
56 B 1123ms
1122ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7159951042969&version=m202309120101&ct=77&x=38&cor=17315597703132428000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9C41 18 KB
13 KB 127ms
126ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApHbrjlhaHu4GoTPEXzH09OO9fWPXRoKNr0WweNmHpayVSla1X3ysjBGnGP2g6BdJE7H8Yjr-tlHsYKRh1yP3wp6qzV1pUyIZrbwtFC_eZe6yPfIKKxhx2Yqy26DVyJedf1PAje4a1kh66Hnwzn__e7VatmNMu8U7Oge0Mrd9QxNuySL0&cry=1&dbm_d=AKAmf-Bs4JwibO-oFhM5Ps3Em17gIYcuhWFVKTOJAXnykrpPqxsIhkpc8Kk-8KoXXxfVFuz3-rA2fbkjAXslSuyVHGYvCrbRXVfhdh2wiGbufO1kRUE_VjtplLwzDr-IUl-r4DcUX475qh70Tv34iq39EanJqDgssH3Mt-_Rzt7Y1mN5ZvQwnJtjA6pG5__6SRoXL1YA-1yb_tKfKS31srOEBGCEYlUnsRTFKLTgZJndYi31z_KuVtnIH7RvT8f3RRcmz8A6cOHDo-nIsqArH9NynX4DLwvAC2vRuL0tZs6BAAACwxOy-ShP967zvcr2RWZBAHMgQVLtJ9Qwk6iYtOhkHMT3PkrT_1ieGjsNhwxMDabr0rjUjcgzQXUaWinbLswXCW4WOce91woa2M7T31KPsLT1s57IFaNljTyhXhl-Nz7T_qcI06WePBle1VdeusJwCVBy-_dMwO4zROewcAxr4Jr27IQ8GHQqky-mII4S6iz9U2FUTHMwuLStRQQjfLgyVwrX-ptP0y7n2SPu7rb3F36fm3jp3fna43mEO8OA6G7TRAncWzWvnZU4-WGLtPwz0b2rNLCy0v8x5slsNIwnNYI_AnWm0slVZjoBOJc1ZG3-6i6lZwMIETDf_dFIGEcWmb5DyFbXoARwbfwIH8wGQIX9hzkuukIsAhn5Pcn56Abl9BVewNq74CmnnFuf5zFNXK0oWQSpBj37D8vMXDbNFoKrpa9xaI94ciE5J4iZoNrrOKQGsJ3evuT6yZSjMmTI9HWcz9EpV5J98Ai9qKLUENr_kozvnYMGmzGm1tZfpOtc2e5oqkVOZyGIQLE8ksMfk0Bcsh8gtukrylAGllpbDYYsBT1pwD_AwY-LIH_Hcz-4V53PMPwBzSIvX7JmmsLEgD5Bz1DeIZZ-Sv6mQeyMe8tbGT9x-jRFB6zCopel1kTX1ffGaiUl3FAegzPfJ0-KMc3miuaAkcRldli4qht1qPB8plZWGDRnUYtcZXvyk9sTR1_zOWIZfa0q10VZpKQYJ_uUkBJjF6cWCgy4_Tg1OxNmtkThgwvJ8yUEVkzXRqjnE21PjZJ2JYsYrvOs-o4pHh0zf4t2UByCFpvbAoXJ2GFkyv_VyL0ImFIoN6ERMmj_hJCsnpfbRsOiU2djqoZv1IB9CmXdjr_ifb45PC05F73n22latX2z3Vvqk5PjCq3nJDihaMzxmw_BGySxtOaotoRQ5xNzVQzRyCwiO65yDkibhinJ-Okgk90cIpjsHK2lW3ESwUusK3WgmRw5EnUn2fDNw4NfLnqFsrymAKbwAZ6dMZlHvHNoPzil6jAfTiaC1iTIHpkJ7sLEl8YUcwRzqiB-DwJuQcoHvxj0W3NWkMdIguBmgO8fPSs1tLFMgKzcKDW3apxLLp5ZL5n-NQ8tqZMXuyb3wdNehTuk81fKc4yJTX4TooC17klsA6Q1sKkKMePdtHp6jaENdxz5g0wJ7deMyy5uRbfHFxYwIjqDlqd13VjEHzDrRMr_OmHplbkgs-SEN-415OQRch8MN-TcfJDU58fp3VBxFutvEYL6LfnvFauOU9Pf8ttWZhpIyHOyItpdEwWCfQmZQroDny6Vd9JWLzj1pfaopaqkjkmz9PFdaez3Y363w4Gmt9f4KZGipIAP7QMPPLlUv5LUvTGrDYTqyVVqZQXhrQk6GaFe8e8vrsGFsTL14Q6tX-du1Ajgo9mVmrTpBi-hZS60tSwoq1nCAtXgAZ0no77IT1P7Zzqan3WfTqgZTjbrOsBFoLjs1dlPGbaRRW3m0ejZ-U0k3JiBDjJf0ThYglCq3B1cB9R-3xzF84l8rcQtIKujU_9xrZPJ33OWBpHFE10rPSoaeYo43Tf1x9hw6eSMBWXt5k380r4X4LoSD4v3lDVcXiO7r5qEBSwHg2SipqJBVSuF3WAsAzDmgXgNijMMpdFQbEmeOFboVf2_t8jXVR6pliGBHKU7DgEtt0INEogIZuVakng6rk3Uk-KnExGVY3nE9CXz7f8a6aiLOcVeWdMJknvAMIUAnPzXHwGlxwocfLWQpENzT8k1CFPk99kfwQvsKM_BWMqXyscjAgVd0pUHmr6HoTo-oj7mFt5dpn_vFy90B7opA51t2dBN9IbYEqBu5_DL9fLgrv_p6xWehH5X_yOdReDP5SkIA38qSJtqEIdhnKBpcNcqyHB7_udhgNFY4gDYSczvCrnZ7JGP5vjJQoAXlDn6A1i3FVwWTvxotkYbTHyHfq3Kq6blMOVbJGMQqQrvrMoRi6SNigu0Vy_4BPK-RVNm75DazjxNytCa3wIMhxTSepXup6sRJQkfYDd_wgipxjSNHMcxPLGGUuNHDOPpiZzbQLnIhJ1z1YFYfoJCXyeSsJMbUGoIDo7R2ZFT56D7oN5UugZz5SeZURQUu-csoOq27T8sc8MMiCzdDPmEgXflhSQlL999zkKyYYqW5-fGZxnO7Q3-PcW8aZ65Yk2xOLUSVoq7OFY2-9A0U_hSdffttvRTOS7AkxSSjgxOJxlAdbP13SPb7zdqyBZEl4GX3nVyylP9yNudsKdWM8SgNMcyOSudZb5SPi3nc_uK6fb5cJgmhbN9D4JxsrjYXcrJMJA5R9xAvebR4y_qFluSLgthfTm_rRXZYACab2vTmXS3FRRRi6HFt_DDufgVWZbeu1Ds_gNmqvDhmCCA8eedLT6C5xwIaJBkBGQf-lmhNSr-mryWfCPoq6z0TGe3LcP-zv8BpclU8BXpn6UjmnPRxcMpbgU_YfWYYl-_Jap_i7xmynZAbsfJb6WnyvVIHbL_lQOiuW_zVaXLgEUH5ctDirYNzcOA-NezJcxjdtrN3B9WXQsf8ZW6XmcgE3uZF3WTm-1saG6F2RibpFZ2-z1HBxq6tdodUIFHbkWDvJR_gf5O7kf9XT3938dS2wykh8DXvUlhzqWqXiIb4tKn6l8ZQDpaYHIl1s6v7mF82T8H1xw4xYgFTFrLEEU8P1VXojXe2g9gJa5l1xI-DLxekq5k8tB5z-Qyd2JYczfBzEfDQBuSZfJbD25Sw84kzHxNosCgxs1284I0i3hONqxtVjJ72R_WQIVPY7NPtheuNKTHAQr49nnC4sWIsHnjKTmXPUzvKtAhT0dU-kWf8SWRhmkJHc-P_t4ZT6ffMg9tWSTJMscL2DJOwMn_938AR7GSZCg9TNRV2q3nD-FKTxNsZ1YRF9i7Mh9S4zvtf5HbrkeTuP3H_GOXnctXrHC0-qhwXnUc-mRCNkM10fUW1ivqmBiV3wnlbj9GSyr_4bNPgSpgkhdE0s2TDxfOAUpScdk8V4LQMOaKb4-9DpXZo5bBykwwMj7Fq-V_uwjPkBijuCDiEhan70xBU3uyJMj7r6nhwxdUdwlNo6frLtWBcoHzGZ2XNSln-2W-EESkQ0oba1rmIzWnzhoPZwUxZ89O1PkBg3AYDZjr03IW6AJSjhJ3cv3ajH0lJGMDAnlA53CjyoHpSR5Mo3zEW9RcjYVJ1qlLxGtS5yvd6K4YwBEzcyDbVla5xi__z-uXqqd0IJ54QfZYTc9n6ut9_M24qUM6ZeTdu7wtevBl0fNOeCdseKpzJmAmTW5dJ3zBNgy2HAE3n3Wxcq6WJcAegpYzvL0qDBsgfFfwVC8wBSlvmsD_FkiEpPNpHhpkttV7qySoHOHnQQo1wG38HuuCS5OAlouqFuVBMz77YUS5orKq6TCAkVvc4M2ZrE0wy_e4mdH58zah6lTeNamJbX-Ia8QSdxDBZeX0-Tr83m4Phr0TLUaHFZ-0mtwIwMhZfoEiHcqmktruGxf0RPPkvlJSoV3r8yI3RYnOsqL6hq6Xm4v0C1Xz8bt6QorXVEjvMdJVyse7SsC1j7Cp1zQO-ES3AkAlzR1X4Llid2y0SbEAk0nRvelLAOX8VBofaqQT4dgDyByvOMKrx5J7oiLxJdqTCw&cid=CAQSMgDICaaNo8JRQiznkahRGskl8zAVRF8NBFS1OJoPbKsuUNkqKwcVgtuZjqHjoii-E3YJGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ds=l&xdt=0&iif=1&cor=17315597703132428000&adk=1820442031&idt=227&cac=0&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6364332683e63cc80ab2c7627d300e10546024df00af5690410841d602c73163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7651 210 B
549 B 1522ms
142ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Dfa20ea4f4b947fe9%3AT%3D1696251412%3ART%3D1696251412%3AS%3DALNI_MY3WyBgoQhhotIy-xMkHhmHMxXBIQ&gpic=UID%3D00000c8a4aee29c9%3AT%3D1696251412%3ART%3D1696251412%3AS%3DALNI_MbiYfhUqktB9sCoxfRQ7TnVFnA0Yw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

735b0d1755b5896b1841cab8083de2531b66f6c9a31aaa8ba2416ee26a6c901f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 2DF5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16962...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
869 B

1630ms
1041ms

Document
text/html

18.66.97.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-56.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 459
content-type: text/html
date: Mon, 02 Oct 2023 12:56:59 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-id: pWIBPHIUNZEjxTK1o3W60aVbyyJYoOVeNoY5o2fpmwZhQIzLBZjljw==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: RefreshHit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:56:56 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 video.min.js Show response
vjs.zencdn.net/7.11.4/ 524 KB
145 KB 1429ms
151ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/7.11.4/video.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-ams21065-AMS
date: Mon, 02 Oct 2023 12:56:57 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 16:37:54 GMT
etag: "dca7de69f28da40d65353c2e9323442b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 148475
x-cache-hits: 292

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0F94 22 KB
8 KB 949ms
948ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 30234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame 8602
Redirect Chain

https://hal900012.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=8c95f1c56d&subid=&uid=d31605fb445d4b02&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900012.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=8c95f1c56d&subid=&uid=d31605fb445d4b02&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

175ms
171ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=8c95f1c56d&subid=&uid=d31605fb445d4b02&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4h2QFb4aZb3MOpio7gP1hqqADZHB0Jtp2--DktwP8C4QASC6hMAzYPWNu4GYBMgBCakCa1rdVkKusT6oAwHIA5sEqgSWAk_QSq0r3d0lwJZcH9I8umsEPjNJ2tcuRHt93BHH_4YhjW4YqAcO2zdDAsiGop7wKkDboGCkszXZV19PA8shcU4S2wdwM7UWUu80Fh2LC95GcrxJ_lYbG0_-U1n_AzB7aGH0_VWmd-iqvCGJLvisXJ_3sPbNI0PI7Ak1JW2_9UXoA074YMyEy9g3wHJWPqFPWnVZhHE1qP1-cMXKtRvIcDMYB1DUQ15gLk63IGyb5cQZ0m22w6BbMrG93g4cl-boTCDzJoooMksdDJ4mBA1smHX2PSeXj5RKmrzDG-kSj77ofjoxYLKgAEJra1tAKyjrTQnvgmxbSuSWWkwviX4fmKW46Jr7oC9tfoJiJLIm-jgVoIZLkWNDwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCIvt6Pe014EDFRiUewoddYMK0LATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI_arq97TXgQMVGJR7Ch11gwrQEAEYASAAEgIk6vD_BwE%26num%3D1%26cid%3DCAQSPADICaaNAnQGTaholQawmYSHt_SJ10qki2jy8BdJlaQwu7ap5bgBiA6VJxo1672L-m2xu3vBBYQi4W6RQRgB%26sig%3DAOD64_1MQCvSghrwL55PkYBfFO7pb_FUWA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcxP5vu4DAG3OdvYZ8JyLrfFm-DB30q4zTIGBj_y0IH-EtlBuCf23PcG0Qt_CBF2BOGhTyeQ-pdRNj22InxbFk3bht2zNOie0E_gg_scGUmhopy8Vzz4ECJioWpF_OE-RR_x_sruNnQ_tQ-jRDO3jGvebYiOb8cPJoiX7yWmSOr8USaAE%26cry%3D1%26dbm_d%3DAKAmf-AExXsM6BMgLkmRlri7TW3UxwTeVryf_rP8o6m63iruEBPxTaopMOG3Q_EqX45L-Ftm4XvTr8-04RRd3uawV2Yn2GGo3FiMKNh2mW0FaNdUuM77VJ-xVJv48z25yyktSE4L1lHyqA3mYt7IzCUfSWZO6r6fn7HLVdnHgfw6_i4zr4SLfDJcOpSRr75fq36Er2u8mvBsih7TzJKmRNMSa0g2OkTEeInO_u0dGFb3qZq9e2NOg5cb1u2QFlsAYZBrwqt6J7NvvLayqIjgALukN4lSIwHxew6AoRDmgSvPk3pfBRGyWuBmxmiWxF8gXJjaIDnIpG5k10YwfWzZFOvX4dgQZXmDaMu1sxX3aD8B9SmlYmmkgrq0OmeGFlJoC81VRrHo0B7xREKHJJEoHEaliwvuoRdPQ6h8BqBvebJfPb0kfch3hlutREhb9zujS59Pt22yUCZVUnhjpkrIeN7dBFYTIdbB2hVzwKcgSKlpQtT07r9sWz-mTA7CwbXrQYZ8d4irg2IE0sE-cCNzWEu_0RQjiIDo9z26gnfW3oY8iO3nzgUAOfO6nGSi61mTMgLNmavavXTh38TLUTJsp2SeKo2ObbVTfi-zfh4oHFrkLjXqtZkuskz2VNP43sBds2e5KFX6QyvNZEyS8-KEFoHewx9BjX8VhQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6166249157152&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 17381fd0a50f3502c2586fc2043bd3abd8b07635a1069a4cf4ae4286f4271325

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 80823300061543604438446012465012
Connection: close
Content-Length: 727
Expires: Mon, 02 Oct 2023 13:56:57 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=8c95f1c56d&subid=&uid=d31605fb445d4b02&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4h2QFb4aZb3MOpio7gP1hqqADZHB0Jtp2--DktwP8C4QASC6hMAzYPWNu4GYBMgBCakCa1rdVkKusT6oAwHIA5sEqgSWAk_QSq0r3d0lwJZcH9I8umsEPjNJ2tcuRHt93BHH_4YhjW4YqAcO2zdDAsiGop7wKkDboGCkszXZV19PA8shcU4S2wdwM7UWUu80Fh2LC95GcrxJ_lYbG0_-U1n_AzB7aGH0_VWmd-iqvCGJLvisXJ_3sPbNI0PI7Ak1JW2_9UXoA074YMyEy9g3wHJWPqFPWnVZhHE1qP1-cMXKtRvIcDMYB1DUQ15gLk63IGyb5cQZ0m22w6BbMrG93g4cl-boTCDzJoooMksdDJ4mBA1smHX2PSeXj5RKmrzDG-kSj77ofjoxYLKgAEJra1tAKyjrTQnvgmxbSuSWWkwviX4fmKW46Jr7oC9tfoJiJLIm-jgVoIZLkWNDwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCIvt6Pe014EDFRiUewoddYMK0LATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI_arq97TXgQMVGJR7Ch11gwrQEAEYASAAEgIk6vD_BwE%26num%3D1%26cid%3DCAQSPADICaaNAnQGTaholQawmYSHt_SJ10qki2jy8BdJlaQwu7ap5bgBiA6VJxo1672L-m2xu3vBBYQi4W6RQRgB%26sig%3DAOD64_1MQCvSghrwL55PkYBfFO7pb_FUWA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcxP5vu4DAG3OdvYZ8JyLrfFm-DB30q4zTIGBj_y0IH-EtlBuCf23PcG0Qt_CBF2BOGhTyeQ-pdRNj22InxbFk3bht2zNOie0E_gg_scGUmhopy8Vzz4ECJioWpF_OE-RR_x_sruNnQ_tQ-jRDO3jGvebYiOb8cPJoiX7yWmSOr8USaAE%26cry%3D1%26dbm_d%3DAKAmf-AExXsM6BMgLkmRlri7TW3UxwTeVryf_rP8o6m63iruEBPxTaopMOG3Q_EqX45L-Ftm4XvTr8-04RRd3uawV2Yn2GGo3FiMKNh2mW0FaNdUuM77VJ-xVJv48z25yyktSE4L1lHyqA3mYt7IzCUfSWZO6r6fn7HLVdnHgfw6_i4zr4SLfDJcOpSRr75fq36Er2u8mvBsih7TzJKmRNMSa0g2OkTEeInO_u0dGFb3qZq9e2NOg5cb1u2QFlsAYZBrwqt6J7NvvLayqIjgALukN4lSIwHxew6AoRDmgSvPk3pfBRGyWuBmxmiWxF8gXJjaIDnIpG5k10YwfWzZFOvX4dgQZXmDaMu1sxX3aD8B9SmlYmmkgrq0OmeGFlJoC81VRrHo0B7xREKHJJEoHEaliwvuoRdPQ6h8BqBvebJfPb0kfch3hlutREhb9zujS59Pt22yUCZVUnhjpkrIeN7dBFYTIdbB2hVzwKcgSKlpQtT07r9sWz-mTA7CwbXrQYZ8d4irg2IE0sE-cCNzWEu_0RQjiIDo9z26gnfW3oY8iO3nzgUAOfO6nGSi61mTMgLNmavavXTh38TLUTJsp2SeKo2ObbVTfi-zfh4oHFrkLjXqtZkuskz2VNP43sBds2e5KFX6QyvNZEyS8-KEFoHewx9BjX8VhQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6166249157152&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Mon, 02 Oct 2023 13:56:57 +0200

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6773 0
0 852ms
852ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5UoEFr4aZYGgOI6A-gb714qoApf__s1n1afU4MMR3tkeEAEguoTAM2D1jbuBmASgAZ26sqMDyAECqQIgFhH3Hn20PuACAKgDAcgDCKoE8QJP0KUzzX57mUvBG7PZYyObGFI0EeaxwgIabvdpl6p-GCx9uXAWZt2InSciPWFWUfIz7bnBOVDxTLtjEqKuYhhO-Us4fMQCMgqwNFnFPg-5TukKUqN4OPbH147Pefg3VHlYAy7DkWvkpt23XyBTg5u3JBxqLmvrv-Xv62wRpwcZzNxIfIonk0xozN0MGDKRuO872-KBJT1s_6SJB2tyAaH8564PFyyMDFKXITJKOtZKz-acArl5bzmNSuywl7l0R4Wz2pGwf1cccwsZpIwsxNN6AIKkKOljerRBP8dmfNXuSl38-FDHnVR7ztGNLV42oZS1KvXjOLKLCraIQLxQffPMLVhavBz3dPV7qJMFVqgbId3VkBJXJFyDZYMTy78qVFdDiZXgxWAsIsGB_TvCBa2h-3xqky8eA8d0aDZFWwnuW0NZoLkXAeOMAvMRAWFlIk3sqmhOYXDE_fV8ynqz9TwjzX2eVYJgUVcANXKEjJBfD9rABPPij5a-BOAEAYgF9PeNwTmSBQQIBBgBkgUECAUYBKAGAoAHyJbvhQOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCX_wPSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MJoJ_wJodHRwczovL3dlYi5oZWFyY2xlYXIuY29tL2FpZGVzLWF1ZGl0aXZlcy1zdWlzc2UvP2NpZD02MTljZDAxMTkwODY3JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj0xNTQzNzM2NDIxMiZ1dG1fY29udGVudD0xNTQxMjgzNDc1MDcmdXRtX3Rlcm09JmNhbXBhaWduPTE1NDM3MzY0MjEyJmFkZ3JvdXA9MTU0MTI4MzQ3NTA3JnRhcmdldGlkPSZrZXl3b3JkPSZtYXRjaHR5cGU9JmFkPTY2NTM1MjMzNjg5MyZuZXR3b3JrPWQmZGV2aWNlPWMmZGV2aWNlbW9kZWw9JnRhcmdldD0mcGxhY2VtZW50PXd3dy5iZzMuY28mcG9zaXRpb249JmFjZWlkPSZpc21vYmlsZT0wJmlzc2VhcmNoPTAmZ2VvPTEwMDI5OTImZ2VvaW50ZXJlc3Q9JmZlZWRpdGVtPYAKA8gLAdoMEAoKEODv66vU6oXxWxICAQPiDRMI3dyj-LTXgQMVDoDeCh37qwIl2BMM0BUBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=wZGpEP4i3U0&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNx0vqAl30Gy6OSC29PJX2p9t8EA2_Uh_qsGPtddJIijHnCs2Som_6BzogNvkrS1LgxG776_EHohgB&cbvp=2
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr35s10-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C41 182 KB
57 KB 145ms
105ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApHbrjlhaHu4GoTPEXzH09OO9fWPXRoKNr0WweNmHpayVSla1X3ysjBGnGP2g6BdJE7H8Yjr-tlHsYKRh1yP3wp6qzV1pUyIZrbwtFC_eZe6yPfIKKxhx2Yqy26DVyJedf1PAje4a1kh66Hnwzn__e7VatmNMu8U7Oge0Mrd9QxNuySL0&cry=1&dbm_d=AKAmf-Bs4JwibO-oFhM5Ps3Em17gIYcuhWFVKTOJAXnykrpPqxsIhkpc8Kk-8KoXXxfVFuz3-rA2fbkjAXslSuyVHGYvCrbRXVfhdh2wiGbufO1kRUE_VjtplLwzDr-IUl-r4DcUX475qh70Tv34iq39EanJqDgssH3Mt-_Rzt7Y1mN5ZvQwnJtjA6pG5__6SRoXL1YA-1yb_tKfKS31srOEBGCEYlUnsRTFKLTgZJndYi31z_KuVtnIH7RvT8f3RRcmz8A6cOHDo-nIsqArH9NynX4DLwvAC2vRuL0tZs6BAAACwxOy-ShP967zvcr2RWZBAHMgQVLtJ9Qwk6iYtOhkHMT3PkrT_1ieGjsNhwxMDabr0rjUjcgzQXUaWinbLswXCW4WOce91woa2M7T31KPsLT1s57IFaNljTyhXhl-Nz7T_qcI06WePBle1VdeusJwCVBy-_dMwO4zROewcAxr4Jr27IQ8GHQqky-mII4S6iz9U2FUTHMwuLStRQQjfLgyVwrX-ptP0y7n2SPu7rb3F36fm3jp3fna43mEO8OA6G7TRAncWzWvnZU4-WGLtPwz0b2rNLCy0v8x5slsNIwnNYI_AnWm0slVZjoBOJc1ZG3-6i6lZwMIETDf_dFIGEcWmb5DyFbXoARwbfwIH8wGQIX9hzkuukIsAhn5Pcn56Abl9BVewNq74CmnnFuf5zFNXK0oWQSpBj37D8vMXDbNFoKrpa9xaI94ciE5J4iZoNrrOKQGsJ3evuT6yZSjMmTI9HWcz9EpV5J98Ai9qKLUENr_kozvnYMGmzGm1tZfpOtc2e5oqkVOZyGIQLE8ksMfk0Bcsh8gtukrylAGllpbDYYsBT1pwD_AwY-LIH_Hcz-4V53PMPwBzSIvX7JmmsLEgD5Bz1DeIZZ-Sv6mQeyMe8tbGT9x-jRFB6zCopel1kTX1ffGaiUl3FAegzPfJ0-KMc3miuaAkcRldli4qht1qPB8plZWGDRnUYtcZXvyk9sTR1_zOWIZfa0q10VZpKQYJ_uUkBJjF6cWCgy4_Tg1OxNmtkThgwvJ8yUEVkzXRqjnE21PjZJ2JYsYrvOs-o4pHh0zf4t2UByCFpvbAoXJ2GFkyv_VyL0ImFIoN6ERMmj_hJCsnpfbRsOiU2djqoZv1IB9CmXdjr_ifb45PC05F73n22latX2z3Vvqk5PjCq3nJDihaMzxmw_BGySxtOaotoRQ5xNzVQzRyCwiO65yDkibhinJ-Okgk90cIpjsHK2lW3ESwUusK3WgmRw5EnUn2fDNw4NfLnqFsrymAKbwAZ6dMZlHvHNoPzil6jAfTiaC1iTIHpkJ7sLEl8YUcwRzqiB-DwJuQcoHvxj0W3NWkMdIguBmgO8fPSs1tLFMgKzcKDW3apxLLp5ZL5n-NQ8tqZMXuyb3wdNehTuk81fKc4yJTX4TooC17klsA6Q1sKkKMePdtHp6jaENdxz5g0wJ7deMyy5uRbfHFxYwIjqDlqd13VjEHzDrRMr_OmHplbkgs-SEN-415OQRch8MN-TcfJDU58fp3VBxFutvEYL6LfnvFauOU9Pf8ttWZhpIyHOyItpdEwWCfQmZQroDny6Vd9JWLzj1pfaopaqkjkmz9PFdaez3Y363w4Gmt9f4KZGipIAP7QMPPLlUv5LUvTGrDYTqyVVqZQXhrQk6GaFe8e8vrsGFsTL14Q6tX-du1Ajgo9mVmrTpBi-hZS60tSwoq1nCAtXgAZ0no77IT1P7Zzqan3WfTqgZTjbrOsBFoLjs1dlPGbaRRW3m0ejZ-U0k3JiBDjJf0ThYglCq3B1cB9R-3xzF84l8rcQtIKujU_9xrZPJ33OWBpHFE10rPSoaeYo43Tf1x9hw6eSMBWXt5k380r4X4LoSD4v3lDVcXiO7r5qEBSwHg2SipqJBVSuF3WAsAzDmgXgNijMMpdFQbEmeOFboVf2_t8jXVR6pliGBHKU7DgEtt0INEogIZuVakng6rk3Uk-KnExGVY3nE9CXz7f8a6aiLOcVeWdMJknvAMIUAnPzXHwGlxwocfLWQpENzT8k1CFPk99kfwQvsKM_BWMqXyscjAgVd0pUHmr6HoTo-oj7mFt5dpn_vFy90B7opA51t2dBN9IbYEqBu5_DL9fLgrv_p6xWehH5X_yOdReDP5SkIA38qSJtqEIdhnKBpcNcqyHB7_udhgNFY4gDYSczvCrnZ7JGP5vjJQoAXlDn6A1i3FVwWTvxotkYbTHyHfq3Kq6blMOVbJGMQqQrvrMoRi6SNigu0Vy_4BPK-RVNm75DazjxNytCa3wIMhxTSepXup6sRJQkfYDd_wgipxjSNHMcxPLGGUuNHDOPpiZzbQLnIhJ1z1YFYfoJCXyeSsJMbUGoIDo7R2ZFT56D7oN5UugZz5SeZURQUu-csoOq27T8sc8MMiCzdDPmEgXflhSQlL999zkKyYYqW5-fGZxnO7Q3-PcW8aZ65Yk2xOLUSVoq7OFY2-9A0U_hSdffttvRTOS7AkxSSjgxOJxlAdbP13SPb7zdqyBZEl4GX3nVyylP9yNudsKdWM8SgNMcyOSudZb5SPi3nc_uK6fb5cJgmhbN9D4JxsrjYXcrJMJA5R9xAvebR4y_qFluSLgthfTm_rRXZYACab2vTmXS3FRRRi6HFt_DDufgVWZbeu1Ds_gNmqvDhmCCA8eedLT6C5xwIaJBkBGQf-lmhNSr-mryWfCPoq6z0TGe3LcP-zv8BpclU8BXpn6UjmnPRxcMpbgU_YfWYYl-_Jap_i7xmynZAbsfJb6WnyvVIHbL_lQOiuW_zVaXLgEUH5ctDirYNzcOA-NezJcxjdtrN3B9WXQsf8ZW6XmcgE3uZF3WTm-1saG6F2RibpFZ2-z1HBxq6tdodUIFHbkWDvJR_gf5O7kf9XT3938dS2wykh8DXvUlhzqWqXiIb4tKn6l8ZQDpaYHIl1s6v7mF82T8H1xw4xYgFTFrLEEU8P1VXojXe2g9gJa5l1xI-DLxekq5k8tB5z-Qyd2JYczfBzEfDQBuSZfJbD25Sw84kzHxNosCgxs1284I0i3hONqxtVjJ72R_WQIVPY7NPtheuNKTHAQr49nnC4sWIsHnjKTmXPUzvKtAhT0dU-kWf8SWRhmkJHc-P_t4ZT6ffMg9tWSTJMscL2DJOwMn_938AR7GSZCg9TNRV2q3nD-FKTxNsZ1YRF9i7Mh9S4zvtf5HbrkeTuP3H_GOXnctXrHC0-qhwXnUc-mRCNkM10fUW1ivqmBiV3wnlbj9GSyr_4bNPgSpgkhdE0s2TDxfOAUpScdk8V4LQMOaKb4-9DpXZo5bBykwwMj7Fq-V_uwjPkBijuCDiEhan70xBU3uyJMj7r6nhwxdUdwlNo6frLtWBcoHzGZ2XNSln-2W-EESkQ0oba1rmIzWnzhoPZwUxZ89O1PkBg3AYDZjr03IW6AJSjhJ3cv3ajH0lJGMDAnlA53CjyoHpSR5Mo3zEW9RcjYVJ1qlLxGtS5yvd6K4YwBEzcyDbVla5xi__z-uXqqd0IJ54QfZYTc9n6ut9_M24qUM6ZeTdu7wtevBl0fNOeCdseKpzJmAmTW5dJ3zBNgy2HAE3n3Wxcq6WJcAegpYzvL0qDBsgfFfwVC8wBSlvmsD_FkiEpPNpHhpkttV7qySoHOHnQQo1wG38HuuCS5OAlouqFuVBMz77YUS5orKq6TCAkVvc4M2ZrE0wy_e4mdH58zah6lTeNamJbX-Ia8QSdxDBZeX0-Tr83m4Phr0TLUaHFZ-0mtwIwMhZfoEiHcqmktruGxf0RPPkvlJSoV3r8yI3RYnOsqL6hq6Xm4v0C1Xz8bt6QorXVEjvMdJVyse7SsC1j7Cp1zQO-ES3AkAlzR1X4Llid2y0SbEAk0nRvelLAOX8VBofaqQT4dgDyByvOMKrx5J7oiLxJdqTCw&cid=CAQSMgDICaaNo8JRQiznkahRGskl8zAVRF8NBFS1OJoPbKsuUNkqKwcVgtuZjqHjoii-E3YJGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ds=l&xdt=0&iif=1&cor=17315597703132428000&adk=1820442031&idt=227&cac=0&dtd=23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:56:56 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9C41 41 KB
13 KB 140ms
100ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 280712
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 06:58:24 GMT

GET
H/1.1 200
OK 79h9btln28au Show response
hal9000.redintelligence.net/zone/ Frame 9C41 12 KB
4 KB 407ms
113ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/79h9btln28au?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-A9QFb4aZcuSGIG4-wblhIrYCufpw5tp_M22i9IPkS8QASCD_eYfYPWNu4GYBMgBCakC-7ODhIzEsT6oAwHIA5sEqgT_AU_QW3EwglIPhVdHR9YjoGCmcS0SzOaVmTr0qL83353ZYNH1HIVrCUraDqlUANwgKkQtlpIS5PgcQOdlJrh-BjUFmfGgp-OdL3J037bOCSZDxbWzDw0NTKa0OL2atUTqCUDer03hbaRe4lcAUDzyOlYKS0RN3yHIRgAa_Iz-3nANlPOXqaVafHvUSHh7Krmptx-xOFXxHBmD8kTOoZJJbpjotXQ-iC5vs5Lc00EQ1HWA7w_XMc4eZcwIpwXhUgAcGsqXr0Z5QCA5Z3qn-hyARxUmeI_zxzueT9xNS7pZ-0CQ6fViesKJITdr0g3g333Kh58YpFTPO74jHmu5pMyTnMAE6tu9jfwD4AQDiAWxn-b9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCBRiaWRkZXItdGhlbWVkaWFncmlkX4AKBJgLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIi_HH97TXgQMVAdzeCh1lggKrEAEYASAAEgItWfD_BwE%26num%3D1%26cid%3DCAQSMgDICaaNo8JRQiznkahRGskl8zAVRF8NBFS1OJoPbKsuUNkqKwcVgtuZjqHjoii-E3YJGAE%26sig%3DAOD64_2tqXZCfKnZTTRFHC6t8iAM4CpBtQ%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-Cfjnd5456bQq626WOW0q9UjQy0GXMnBgHD2FH5BTAvt9o0dw2nZJ9_FjOUHqDTaLzYUV6_iTKxOksBhpw9CYL_uYM5BbNSiMNa_q772X16CuJlagB8U1Lu4alpf_qL4FG7EFUMy9NiF4UOd3uHM63YaW01HBZDRzmRh32Rb6ZGpzhkZpM%26cry%3D1%26dbm_d%3DAKAmf-AoeMQVobUEjrg66cJ2l-CRrtKrjAmAbuIvyXtLbhSNFsBsyzqpgFFtcyADYSFErqvNpTtAuMrNsVaXJ1bJpP38vRPUBMugKJdfvLMYauCnUzulazdI7GNWkqKIIkd98GcZt3MqdHL15n30h_EtEjwfPzXjsuGo-xyxlCHOaze1gKEr92_xoP5YtZmbrrSF-o4d1q_XQjVT-eAhEZUW_QIwBWaEVjas6C9VZs09Uixv4C4Sv_SKj7iNv7BfluWiJEYuDJjQShSS-tyEMZZLunwOy3Y1u6IHHRtIlXB7A7rl9UHL6b1QzjcEKztZCK1Zg40l3wtSBHNPpCGCMdfOiLnZLMLOoGXwze13DteUE9dLlFT3nGTsT7GtFUX_GkgwGVw8kzlPVEDmiEDyTgR_DP8i7ALe08AdHvRVspUV2ZWHlQXSaHo1QlZq2Qn2JNQSgWujE2n8Vps18LHeflYVsgKS2jxi-49NVaxuemzPlEZj42SVqMX6nR4B3SXg1dndRg1tTwWtOcVZmGIwPnE86tvxliGPFbsBcvyNt1nFKlxQLf8EqTk5RhrdBfuOEn3gREehKLjK-OFKmwTuQMxLe8AVKNAEf8W6DB4GfWfqR6qtC12zZQs2HN27yjf9uCH2gUEbbpfrHB8MiRPHoI1z0wNN08SGAvp6B60ef7etuW0wYn0k6L4%26adurl%3D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c592bf32b8c2c314fc571cdce21926bc55c6ace24c943020fbdd2a4b88491401

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4297
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6665 17 KB
6 KB 227ms
196ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js?cb=31078333

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 12:56:56 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 604ms
127ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bg3.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 02 Oct 2023 12:56:56 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 222565
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 84ms
82ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 248336
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
416 B 210ms
187ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 0cf54af0372c1b8a8dfc94e27b3fc57d8d18a780aad6a9cfbe4e369c68e347dd

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 02 Oct 2023 12:56:56 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Wed, 01 Nov 2023 12:56:56 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame A425 4 KB
2 KB 85ms
77ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1696251413358

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

a72-246-168-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

17dbc16f7c2fe5e990d41c15299d25ee05da23af27592f57243ac478fe139a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1409
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2

200

pd Show response
adpushup-d.openx.net/w/1.0/ Frame A425
Redirect Chain

https://adpushup-d.openx.net/w/1.0/pd
https://adpushup-d.openx.net/w/1.0/pd?cc=1

653 B
749 B

160ms
155ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6b353890fc62be21ddf2eb894b8ead2fd12fe447561bdca98a06f7b6dfca703b

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 415
content-type: text/html
date: Mon, 02 Oct 2023 12:56:57 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 02 Oct 2023 12:56:57 GMT
location: https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 204 isyn
prebid.a-mo.net/ Frame B7B2 0
0 94ms
94ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Mon, 02 Oct 2023 12:56:56 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 216D 6 KB
2 KB 189ms
178ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80fd1bbbdc912a7c-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 02 Oct 2023 12:56:56 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame BF74 37 B
140 B 385ms
86ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 02 Oct 2023 12:56:57 GMT

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 7051 9 KB
4 KB 450ms
137ms Document
text/html 18.65.39.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-91.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 9331
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Mon, 02 Oct 2023 10:21:27 GMT
etag: W/"cba3476b12cba88403393b498cdbcb0a"
last-modified: Wed, 02 Aug 2023 17:35:11 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 d0b402ca7e5fc6514bdd05f23e206b58.cloudfront.net (CloudFront)
x-amz-cf-id: 7Gqds9XicAXDsPf64J_t7b6U7j6rffJVClLrg_sUcqOIoRGS4t0Mtw==
x-amz-cf-pop: AMS1-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5: 72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256: 54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6289 281 B
554 B 87ms
86ms Document
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 02 Oct 2023 12:56:56 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame F169 24 KB
8 KB 424ms
96ms Document
text/html 72.246.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

81ea470ce9f97129edf53bb7ef3755c19a72f2de8ec5f116d4b24bbe16deb501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8491
content-type: text/html; charset=UTF-8
date: Mon, 02 Oct 2023 12:56:57 GMT
expires: Wed, 04 Oct 2023 12:56:57 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame DF44 3 KB
2 KB 464ms
164ms Document
text/html 104.18.25.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 907
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 80fd1bbe0c19f108-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 02 Oct 2023 12:56:57 GMT
expires: Mon, 02 Oct 2023 16:56:57 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C43A 52 KB
17 KB 453ms
154ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 10899
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 02 Oct 2023 12:56:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 01 Oct 2023 09:55:16 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 174, 105337
X-Served-By: cache-lga13626-LGA, cache-ams21029-AMS
X-Timer: S1696251417.297634,VS0,VE0

GET
H2 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 0F94 37 KB
15 KB 175ms
174ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 494323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:13 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame A425 43 B
442 B 338ms
95ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x5 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:57 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x5 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 02 Oct 2023 12:56:56 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame A425 0
239 B 479ms
128ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame A425
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2720646435057332847

0
291 B

129ms
123ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2720646435057332847

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
an-x-request-uuid: 81f83ef8-0671-4d2b-bf4e-92172f03b773
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2720646435057332847
x-proxy-origin: 194.230.146.141; 194.230.146.141; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame A425
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=1

0
291 B

82ms
78ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:57 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=1
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1696251417321028-420
Expires: Mon, 02 Oct 2023 12:56:57 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame A425 42 B
677 B 277ms
114ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=6jAO5fEDODNqEusda0UHh5Sa3rGAZlXWKm2NcteVCvA
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A425
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivB2keRmop0lCTX6AU32Zm4hejdgBUhyxg

170 B
188 B

114ms
113ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivB2keRmop0lCTX6AU32Zm4hejdgBUhyxg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivB2keRmop0lCTX6AU32Zm4hejdgBUhyxg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame A425 0
75 B 471ms
180ms Image
text/plain 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:56 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame A425 0
0 369ms
120ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A425
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0

43 B
720 B

536ms
216ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E0PP9DWXVZDC88FPP4ZM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame A425 0
42 B 472ms
180ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame A425
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1

0
291 B

149ms
148ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame A425 0
125 B 332ms
111ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A425 70 B
148 B 171ms
168ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame A425 43 B
145 B 151ms
145ms Image
image/gif 3.65.107.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1696251413358
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.107.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-107-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6773 42 B
108 B 259ms
259ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYGz2KOYGpsNP1u32kZebQ-LQKDiSq97mT9KFQheHwcx_OgW2TC5OXbwTG14sKmIVeb_nY4CkrQbC9a_njG1voCwi-2Mn0YNhBwvR8S_O6bEtVXBSEhvmnLvIb8T4b5yFytWLW1pA7Vg&sai=AMfl-YQc7VQAYvyvccC3hUTzltrYNlGZMmBnJxhKcuXuY-4qaw35v85jvgZ91cwKzVlWl1M38-n0WQCQIKFM8M5eFLWUCa1e0yWOLFuaKNb9NFd-i5B415gLPcBYgEvG&sig=Cg0ArKJSzCk4Kys7wUwyEAE&cid=CAQSPADICaaNx0vqAl30Gy6OSC29PJX2p9t8EA2_Uh_qsGPtddJIijHnCs2Som_6BzogNvkrS1LgxG776_EHohgB&id=ampim&o=295,60&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=685&tls=1689&g=100&h=100&tt=1689&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6289 35 KB
11 KB 143ms
143ms Script
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 17300e76bedfa2eff7351d57018c9dc281d2b7bdb8beee83de14bc3c29933040

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 07:34:42 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67052
Connection: keep-alive
Content-Length: 10473
Expires: Tue, 03 Oct 2023 07:34:29 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B514 22 KB
8 KB 152ms
96ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 30235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 04:33:02 GMT
expires: Tue, 01 Oct 2024 04:33:02 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C41 0
56 B 259ms
200ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BkBIWF74aZeO7MPWUjuwPvMCi6AwAAAAAOAHgBAI

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 75B7 13 KB
5 KB 133ms
80ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0864 829 B
995 B 134ms
89ms Document
text/html 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f4.1e100.net

Software

GSE /

Resource Hash

d348d4a8551c58f5a9c80418a0f548cfb03e4c46b379f687c8bb645aea4b9996

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LpMu737dwp0SctEg2u6j6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LpMu737dwp0SctEg2u6j6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:56:57 GMT
expires: Mon, 02 Oct 2023 12:56:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 216D 48 KB
12 KB 129ms
115ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 419267
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80fd1bbe3f8f2a7c-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 1016ms
164ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-17d52"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 03 Oct 2023 12:56:58 GMT

GET
H/1.1 200
OK request.php Show response
hal90008.redintelligence.net/ Frame 9C41 2 KB
1 KB 711ms
454ms Script
application/x-javascript 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request.php?zone=79h9btln28au&nw=20&renderingType=javascript&namespace=dc4caca203&subid=&uid=6579e332fe03a97d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-A9QFb4aZcuSGIG4-wblhIrYCufpw5tp_M22i9IPkS8QASCD_eYfYPWNu4GYBMgBCakC-7ODhIzEsT6oAwHIA5sEqgT_AU_QW3EwglIPhVdHR9YjoGCmcS0SzOaVmTr0qL83353ZYNH1HIVrCUraDqlUANwgKkQtlpIS5PgcQOdlJrh-BjUFmfGgp-OdL3J037bOCSZDxbWzDw0NTKa0OL2atUTqCUDer03hbaRe4lcAUDzyOlYKS0RN3yHIRgAa_Iz-3nANlPOXqaVafHvUSHh7Krmptx-xOFXxHBmD8kTOoZJJbpjotXQ-iC5vs5Lc00EQ1HWA7w_XMc4eZcwIpwXhUgAcGsqXr0Z5QCA5Z3qn-hyARxUmeI_zxzueT9xNS7pZ-0CQ6fViesKJITdr0g3g333Kh58YpFTPO74jHmu5pMyTnMAE6tu9jfwD4AQDiAWxn-b9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCBRiaWRkZXItdGhlbWVkaWFncmlkX4AKBJgLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIi_HH97TXgQMVAdzeCh1lggKrEAEYASAAEgItWfD_BwE%26num%3D1%26cid%3DCAQSMgDICaaNo8JRQiznkahRGskl8zAVRF8NBFS1OJoPbKsuUNkqKwcVgtuZjqHjoii-E3YJGAE%26sig%3DAOD64_2tqXZCfKnZTTRFHC6t8iAM4CpBtQ%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-Cfjnd5456bQq626WOW0q9UjQy0GXMnBgHD2FH5BTAvt9o0dw2nZJ9_FjOUHqDTaLzYUV6_iTKxOksBhpw9CYL_uYM5BbNSiMNa_q772X16CuJlagB8U1Lu4alpf_qL4FG7EFUMy9NiF4UOd3uHM63YaW01HBZDRzmRh32Rb6ZGpzhkZpM%26cry%3D1%26dbm_d%3DAKAmf-AoeMQVobUEjrg66cJ2l-CRrtKrjAmAbuIvyXtLbhSNFsBsyzqpgFFtcyADYSFErqvNpTtAuMrNsVaXJ1bJpP38vRPUBMugKJdfvLMYauCnUzulazdI7GNWkqKIIkd98GcZt3MqdHL15n30h_EtEjwfPzXjsuGo-xyxlCHOaze1gKEr92_xoP5YtZmbrrSF-o4d1q_XQjVT-eAhEZUW_QIwBWaEVjas6C9VZs09Uixv4C4Sv_SKj7iNv7BfluWiJEYuDJjQShSS-tyEMZZLunwOy3Y1u6IHHRtIlXB7A7rl9UHL6b1QzjcEKztZCK1Zg40l3wtSBHNPpCGCMdfOiLnZLMLOoGXwze13DteUE9dLlFT3nGTsT7GtFUX_GkgwGVw8kzlPVEDmiEDyTgR_DP8i7ALe08AdHvRVspUV2ZWHlQXSaHo1QlZq2Qn2JNQSgWujE2n8Vps18LHeflYVsgKS2jxi-49NVaxuemzPlEZj42SVqMX6nR4B3SXg1dndRg1tTwWtOcVZmGIwPnE86tvxliGPFbsBcvyNt1nFKlxQLf8EqTk5RhrdBfuOEn3gREehKLjK-OFKmwTuQMxLe8AVKNAEf8W6DB4GfWfqR6qtC12zZQs2HN27yjf9uCH2gUEbbpfrHB8MiRPHoI1z0wNN08SGAvp6B60ef7etuW0wYn0k6L4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=4704587251512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/79h9btln28au?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-A9QFb4aZcuSGIG4-wblhIrYCufpw5tp_M22i9IPkS8QASCD_eYfYPWNu4GYBMgBCakC-7ODhIzEsT6oAwHIA5sEqgT_AU_QW3EwglIPhVdHR9YjoGCmcS0SzOaVmTr0qL83353ZYNH1HIVrCUraDqlUANwgKkQtlpIS5PgcQOdlJrh-BjUFmfGgp-OdL3J037bOCSZDxbWzDw0NTKa0OL2atUTqCUDer03hbaRe4lcAUDzyOlYKS0RN3yHIRgAa_Iz-3nANlPOXqaVafHvUSHh7Krmptx-xOFXxHBmD8kTOoZJJbpjotXQ-iC5vs5Lc00EQ1HWA7w_XMc4eZcwIpwXhUgAcGsqXr0Z5QCA5Z3qn-hyARxUmeI_zxzueT9xNS7pZ-0CQ6fViesKJITdr0g3g333Kh58YpFTPO74jHmu5pMyTnMAE6tu9jfwD4AQDiAWxn-b9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCBRiaWRkZXItdGhlbWVkaWFncmlkX4AKBJgLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIi_HH97TXgQMVAdzeCh1lggKrEAEYASAAEgItWfD_BwE%26num%3D1%26cid%3DCAQSMgDICaaNo8JRQiznkahRGskl8zAVRF8NBFS1OJoPbKsuUNkqKwcVgtuZjqHjoii-E3YJGAE%26sig%3DAOD64_2tqXZCfKnZTTRFHC6t8iAM4CpBtQ%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-Cfjnd5456bQq626WOW0q9UjQy0GXMnBgHD2FH5BTAvt9o0dw2nZJ9_FjOUHqDTaLzYUV6_iTKxOksBhpw9CYL_uYM5BbNSiMNa_q772X16CuJlagB8U1Lu4alpf_qL4FG7EFUMy9NiF4UOd3uHM63YaW01HBZDRzmRh32Rb6ZGpzhkZpM%26cry%3D1%26dbm_d%3DAKAmf-AoeMQVobUEjrg66cJ2l-CRrtKrjAmAbuIvyXtLbhSNFsBsyzqpgFFtcyADYSFErqvNpTtAuMrNsVaXJ1bJpP38vRPUBMugKJdfvLMYauCnUzulazdI7GNWkqKIIkd98GcZt3MqdHL15n30h_EtEjwfPzXjsuGo-xyxlCHOaze1gKEr92_xoP5YtZmbrrSF-o4d1q_XQjVT-eAhEZUW_QIwBWaEVjas6C9VZs09Uixv4C4Sv_SKj7iNv7BfluWiJEYuDJjQShSS-tyEMZZLunwOy3Y1u6IHHRtIlXB7A7rl9UHL6b1QzjcEKztZCK1Zg40l3wtSBHNPpCGCMdfOiLnZLMLOoGXwze13DteUE9dLlFT3nGTsT7GtFUX_GkgwGVw8kzlPVEDmiEDyTgR_DP8i7ALe08AdHvRVspUV2ZWHlQXSaHo1QlZq2Qn2JNQSgWujE2n8Vps18LHeflYVsgKS2jxi-49NVaxuemzPlEZj42SVqMX6nR4B3SXg1dndRg1tTwWtOcVZmGIwPnE86tvxliGPFbsBcvyNt1nFKlxQLf8EqTk5RhrdBfuOEn3gREehKLjK-OFKmwTuQMxLe8AVKNAEf8W6DB4GfWfqR6qtC12zZQs2HN27yjf9uCH2gUEbbpfrHB8MiRPHoI1z0wNN08SGAvp6B60ef7etuW0wYn0k6L4%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8b29d06c008c2311d0dcc3749d0e9425b279b9c7d99a4ca06e905563cae0d4d4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 47064800085109904438260012465008
Connection: close
Content-Length: 726
Expires: Mon, 02 Oct 2023 13:56:57 +0200

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 3016 4 KB
1 KB 657ms
118ms Document
text/html 34.242.185.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.185.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 47acbb4144ed4ef8c67c25422ef2c060d1558d348889b090a185e362a1a0523c

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 02 Oct 2023 12:56:58 GMT
etag: W/"0228f6ea88acfab550bc44063c0da5746"
server: nginx
timing-allow-origin: *

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 14AF 4 KB
2 KB 85ms
83ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e53a4c00aee441e6c87c28c7224cf84110dc3dfbc4ba9201246e635266465a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1429
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame BC42 1 KB
1 KB 690ms
105ms Document
text/html 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: c746a2e9d3071f42a60f41945212d77c53fd4a06b1274ddd6548dc01c515a122

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 1144
content-type: text/html
date: Mon, 02 Oct 2023 12:56:57 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 33FB 2 KB
1 KB 143ms
109ms Document
text/html 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75ac96de73e058214eeb5e9e70e2d5786b1531cb057cafc4a70debca106f6ee8

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80fd1bc04cd83c95-CDG
content-encoding: br
content-type: text/html
date: Mon, 02 Oct 2023 12:56:57 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neejXNgysnqfQ0j9cCQm0HKcr5KaaRZIoAbd9wR7fA%2FpzRo0YKR9ksjW8bhxcBs5%2F7LNcOp%2FI%2FFZ05rfk3bw95e6xcgIBkt0SaRvpN2HfO10PJkGTHNzbMNepWmWwY9iYetjXX%2BZblxQYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8CA4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

408ms
408ms

Document
text/html

88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 02 Oct 2023 12:56:57 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 02 Oct 2023 12:56:57 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1CE5 15 KB
6 KB 648ms
89ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75364
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 02 Oct 2023 12:56:58 GMT
expires: Tue, 03 Oct 2023 09:53:02 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame D020 1 KB
1 KB 997ms
235ms Document
text/html 18.66.112.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-58.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 1dd62b9553d0b7855bae577bd1408d38936158bc58af3199b862ba7a5ea92aea

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-encoding: gzip
content-type: text/html
date: Mon, 02 Oct 2023 12:56:58 GMT
server: istio-envoy
vary: Accept-Encoding
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-id: v5ne8AKDsU01QPGZJ4O_4yTyqjX16Gi1T2wydHMcvjOGDIzyBQo2tw==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 1

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame B9E3 0
160 B 721ms
128ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Mon, 02 Oct 2023 12:56:58 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 1607 557 B
1012 B 1136ms
373ms Document
text/html 18.214.104.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.214.104.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-104-9.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 2c3c379e3800c7a73c0335f40b6ee7d12ab1cd6da1b4d3892d17ef36cae6e678

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 557
content-type: text/html
date: Mon, 02 Oct 2023 12:56:58 GMT
server: istio-envoy
x-envoy-upstream-service-time: 2

GET
H2

200

sync
ads.servenobid.com/ Frame 7051
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=2720646435057332847

0
344 B

360ms
354ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=2720646435057332847
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
an-x-request-uuid: 01709c77-02c4-4500-b144-65c6b3f0f459
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=2720646435057332847
x-proxy-origin: 194.230.146.141; 194.230.146.141; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 7051
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=HazIpRZHvBbK9HjFRzOB_ytY

0
351 B

106ms
104ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=HazIpRZHvBbK9HjFRzOB_ytY
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:58 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=HazIpRZHvBbK9HjFRzOB_ytY
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 7051 0
277 B 879ms
128ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Oct 2023 12:56:58 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET

RX-40190b19-2d57-4126-a46c-0f856862cf5e-003
sync.targeting.unrulymedia.com/csync/ Frame 7051
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1696251418266
https://ad.turn.com/r/cs?pid=45&rndcb=4572301769
https://sync.1rx.io/usersync/turn/3702013787439226483?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-40190b19-2d57-4126-a46c-0f856862cf5e-003

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 7051
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5124322328771523532

0
344 B

134ms
131ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5124322328771523532
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5124322328771523532
Date: Mon, 02 Oct 2023 12:56:58 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
ads.servenobid.com/ Frame 7051
Redirect Chain

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
https://ads.servenobid.com/sync?pid=332&uid=d0b985f4-e737-40e7-bcfa-643e9d2e9bba

0
356 B

99ms
99ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=332&uid=d0b985f4-e737-40e7-bcfa-643e9d2e9bba
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-57
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.servenobid.com/sync?pid=332&uid=d0b985f4-e737-40e7-bcfa-643e9d2e9bba
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 7051
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

357ms
351ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Mon, 02 Oct 2023 12:56:57 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 7051
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A

0
368 B

359ms
352ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A
date: Mon, 02 Oct 2023 12:56:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

services
sync.technoratimedia.com/ Frame 7051
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS01MzQzZDFjNi0zOTExLTM0ZTEtODY2NC04NjY4NDU2ZWU...
https://ssp.disqus.com/match?bidder=18&buyeruid=d0b985f4-e737-40e7-bcfa-643e9d2e9bba&r=Cid1YS01MzQzZDFjNi0zOTExLTM0ZTEtODY2NC04NjY4NDU2ZWU5OTkQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3...
https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-5343d1c6-3911-34e1-8664-8668456ee999&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid...

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 7051
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A

0
368 B

358ms
352ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A
date: Mon, 02 Oct 2023 12:56:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 7051 0
35 B 625ms
81ms Image
text/plain 54.93.114.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.114.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-114-96.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 7051
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

176ms
155ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 02 Oct 2023 12:56:58 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Mon, 02 Oct 2023 12:56:58 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 7051
Redirect Chain

https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
https://ads.servenobid.com/sync?pid=328&uid=81aa72e9-4c82-4d66-8803-02ea83440de8

0
356 B

92ms
92ms

Image
image/avif

52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=328&uid=81aa72e9-4c82-4d66-8803-02ea83440de8
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=328&uid=81aa72e9-4c82-4d66-8803-02ea83440de8
Date: Mon, 02 Oct 2023 12:56:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A425
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CeNtcV2zbSYSsmp0Xe9xIQvuaSMStWkpW-Ox5W2C

43 B
180 B

383ms
341ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CeNtcV2zbSYSsmp0Xe9xIQvuaSMStWkpW-Ox5W2C
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=CeNtcV2zbSYSsmp0Xe9xIQvuaSMStWkpW-Ox5W2C
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame A425
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4283918517387110662

43 B
106 B

464ms
455ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4283918517387110662
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4283918517387110662
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame A425 43 B
855 B 534ms
126ms Image
image/gif 52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=df414b6d-e206-8dda-845d-86ae12e11a67

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 58QGY93PQM8FY3G5G3RH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame A425 70 B
148 B 376ms
374ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=87973710-feac-3620-4453-04397ad2d187&gdpr=0
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame A425 170 B
188 B 420ms
419ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWJmOGU0ZGEtMzdkYi02ODg0LTUxYjMtNWU4MGIwMzAxZmU3

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame A425
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAnoc0piD3luxRe2x5oGZD0&google_cver=1

43 B
61 B

147ms
138ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAnoc0piD3luxRe2x5oGZD0&google_cver=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAnoc0piD3luxRe2x5oGZD0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C43A 0
598 B 423ms
423ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
an-x-request-uuid: 29713814-41f0-4a7e-9dd4-e2a98e5b3ce2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 194.230.146.141; 194.230.146.141; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 37A8 2 KB
982 B 403ms
403ms Document
text/html 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0994553f7101a7738b9b36087c9a9f11b9fcda3f382d00479b3c0fcbf0bb099

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80fd1bc0bd843c95-CDG
content-encoding: br
content-type: text/html
date: Mon, 02 Oct 2023 12:56:57 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB7uG6hF5NognK1ESonV%2BTVaGT4XqsxqpEZTsJ27FF87c3K1Jzz3wp681H%2Bo9gNbfoxee0h9NcSbmDPimA%2BkGD8JrHPJdQqE76y0iWzZWtTpwPRMisWEpTUkdYOBrBZerWdpG3RhvqSw2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame B514 37 KB
15 KB 87ms
86ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 494324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:13 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0864 0
0 421ms
421ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=3413551041692007&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 videojs.ads.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 91 KB
25 KB 386ms
386ms Script
application/javascript 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: 93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: br
cdn-edgestorageid: 1076
cdn-storageserver: DE-677
cdn-cachedat: 09/22/2023 01:09:22
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:21 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 577
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf625-16c3c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 64619facc3a5893d5ac2663ef2b121b1
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 84 KB
19 KB 450ms
449ms Script
application/javascript 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: 02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: br
cdn-edgestorageid: 1077
cdn-storageserver: DE-167
cdn-cachedat: 09/27/2023 15:06:24
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:22 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf626-14fe2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: c30bd19c6a04c7bf228f8f8579c72b09
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 can-autoplay.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 11 KB
4 KB 457ms
456ms Script
application/javascript 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: 432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-587
cdn-cachedat: 09/10/2023 07:57:09
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:16 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 565
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf620-2ae4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 9e3f0e72bc6ab287a2526417cd025b62
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs-playlist.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 5 KB
2 KB 457ms
456ms Script
application/javascript 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: 2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-676
cdn-cachedat: 09/22/2023 01:10:25
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:20 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 573
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf624-13b1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 37b7403ac221915f91b6599d8ff4f1aa
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame 24B3 6 KB
2 KB 635ms
136ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=80823300061543604438446012465012&a=68999487
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=so0m3m0ljrhx&nw=20&renderingType=javascript&namespace=8c95f1c56d&subid=&uid=d31605fb445d4b02&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x75&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4h2QFb4aZb3MOpio7gP1hqqADZHB0Jtp2--DktwP8C4QASC6hMAzYPWNu4GYBMgBCakCa1rdVkKusT6oAwHIA5sEqgSWAk_QSq0r3d0lwJZcH9I8umsEPjNJ2tcuRHt93BHH_4YhjW4YqAcO2zdDAsiGop7wKkDboGCkszXZV19PA8shcU4S2wdwM7UWUu80Fh2LC95GcrxJ_lYbG0_-U1n_AzB7aGH0_VWmd-iqvCGJLvisXJ_3sPbNI0PI7Ak1JW2_9UXoA074YMyEy9g3wHJWPqFPWnVZhHE1qP1-cMXKtRvIcDMYB1DUQ15gLk63IGyb5cQZ0m22w6BbMrG93g4cl-boTCDzJoooMksdDJ4mBA1smHX2PSeXj5RKmrzDG-kSj77ofjoxYLKgAEJra1tAKyjrTQnvgmxbSuSWWkwviX4fmKW46Jr7oC9tfoJiJLIm-jgVoIZLkWNDwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaoNAkNIyA0B4g0TCIvt6Pe014EDFRiUewoddYMK0LATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMI_arq97TXgQMVGJR7Ch11gwrQEAEYASAAEgIk6vD_BwE%26num%3D1%26cid%3DCAQSPADICaaNAnQGTaholQawmYSHt_SJ10qki2jy8BdJlaQwu7ap5bgBiA6VJxo1672L-m2xu3vBBYQi4W6RQRgB%26sig%3DAOD64_1MQCvSghrwL55PkYBfFO7pb_FUWA%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-BcxP5vu4DAG3OdvYZ8JyLrfFm-DB30q4zTIGBj_y0IH-EtlBuCf23PcG0Qt_CBF2BOGhTyeQ-pdRNj22InxbFk3bht2zNOie0E_gg_scGUmhopy8Vzz4ECJioWpF_OE-RR_x_sruNnQ_tQ-jRDO3jGvebYiOb8cPJoiX7yWmSOr8USaAE%26cry%3D1%26dbm_d%3DAKAmf-AExXsM6BMgLkmRlri7TW3UxwTeVryf_rP8o6m63iruEBPxTaopMOG3Q_EqX45L-Ftm4XvTr8-04RRd3uawV2Yn2GGo3FiMKNh2mW0FaNdUuM77VJ-xVJv48z25yyktSE4L1lHyqA3mYt7IzCUfSWZO6r6fn7HLVdnHgfw6_i4zr4SLfDJcOpSRr75fq36Er2u8mvBsih7TzJKmRNMSa0g2OkTEeInO_u0dGFb3qZq9e2NOg5cb1u2QFlsAYZBrwqt6J7NvvLayqIjgALukN4lSIwHxew6AoRDmgSvPk3pfBRGyWuBmxmiWxF8gXJjaIDnIpG5k10YwfWzZFOvX4dgQZXmDaMu1sxX3aD8B9SmlYmmkgrq0OmeGFlJoC81VRrHo0B7xREKHJJEoHEaliwvuoRdPQ6h8BqBvebJfPb0kfch3hlutREhb9zujS59Pt22yUCZVUnhjpkrIeN7dBFYTIdbB2hVzwKcgSKlpQtT07r9sWz-mTA7CwbXrQYZ8d4irg2IE0sE-cCNzWEu_0RQjiIDo9z26gnfW3oY8iO3nzgUAOfO6nGSi61mTMgLNmavavXTh38TLUTJsp2SeKo2ObbVTfi-zfh4oHFrkLjXqtZkuskz2VNP43sBds2e5KFX6QyvNZEyS8-KEFoHewx9BjX8VhQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=6166249157152&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 5193d730509962ce3a5fbf58e5a6a9da6fb47082d5a59bfff189204b24265239

Request headers

Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1865
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Oct 2023 12:56:58 GMT
Expires: Mon, 02 Oct 2023 13:56:58 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8602 43 B
702 B 770ms
160ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2528692&v=13872&q=388081&r=414915&pref1=80823300061543604438446012465012&pv=1

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:58 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 14AF
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivB2lc-wWyCYX6XyAHv4AxE3eBFYSNl0fA

170 B
188 B

135ms
125ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivB2lc-wWyCYX6XyAHv4AxE3eBFYSNl0fA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABivB2lc-wWyCYX6XyAHv4AxE3eBFYSNl0fA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 14AF 43 B
443 B 309ms
299ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:58 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 02 Oct 2023 12:56:57 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 14AF
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LN8WAN9V-17-IY34&gdpr=0

0
291 B

128ms
117ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LN8WAN9V-17-IY34&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LN8WAN9V-17-IY34&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 14AF
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2720646435057332847

0
291 B

120ms
117ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2720646435057332847

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
an-x-request-uuid: 86a9772b-f9e8-4436-8f9b-f76cec5367c5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2720646435057332847
x-proxy-origin: 194.230.146.141; 194.230.146.141; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 14AF
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=0

0
291 B

115ms
112ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:58 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=0
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1696251418004054-382
Expires: Mon, 02 Oct 2023 12:56:58 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 14AF 42 B
677 B 353ms
348ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 14AF
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=3550505922006436064

0
291 B

121ms
113ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=3550505922006436064

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=3550505922006436064
date: Mon, 02 Oct 2023 12:56:57 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 14AF 0
0 348ms
338ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 14AF
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0

43 B
479 B

395ms
385ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JHZ5DFC9QQM5KR0XNF5T
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET

Pug
image2.pubmatic.com/AdServer/ Frame 14AF
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkQ5NEJDQTgtRDc0NS00MEUxLUFBMTAtMUM1NkI2ODNCRDdE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 14AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1

0
291 B

106ms
106ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 14AF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=92&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A

0
291 B

106ms
105ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-xUsOEwJE2uEQRYgNVE6lzHISJTdlNMtJK6fy3G8-~A
date: Mon, 02 Oct 2023 12:56:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 14AF 70 B
148 B 364ms
355ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame 14AF
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=onetag
https://x.bidswitch.net/sync?dsp_id=70&user_id=2153984576906007906&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=48461918-1765-42ad-b960-8188df040c1b&gdpr=&gdpr_consent=&us_privacy=

0
291 B

129ms
128ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=48461918-1765-42ad-b960-8188df040c1b&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-52-48-234-224.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=48461918-1765-42ad-b960-8188df040c1b&gdpr=&gdpr_consent=&us_privacy=
date: Mon, 02 Oct 2023 12:56:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 14AF 0
364 B 362ms
353ms Image
image/avif 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=318&uid=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 33FB 70 B
148 B 364ms
356ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 33FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKPJJgN8KVjDqMzYSReiN9Y&google_cver=1

43 B
731 B

131ms
130ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKPJJgN8KVjDqMzYSReiN9Y&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSbRUwvQE93jSugT3mEx6Lmhfpxbp9sLPxeDtga%2FOlM5pqDlX6NsDhB%2FfndScH6ReImJfp3Tsw5xg0s90cKVM09ve7iMb%2F6xQak3j2pngPKVWrtjlmrQou42jLX%2Frrl30HoJQ9pwvLltjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bc41ae3f0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKPJJgN8KVjDqMzYSReiN9Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 33FB 43 B
855 B 392ms
391ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XVFM154DBWYV6WPCNWWP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 33FB 43 B
600 B 331ms
329ms Image
image/gif 52.48.234.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.234.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 33FB
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1003586707705907298&gdpr=0&gdpr_consent=

43 B
741 B

155ms
154ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1003586707705907298&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz1sCjZsd74PQlwzvXoIxp9vXcP4aceFHK%2Fv2%2BE3MMlzZCqyupmVo79bhMhDKXl35YCvzTLKgp%2BZGT3aNm%2Fr7ISA%2BzAqeD1%2FpIdSxHmjyFVHFtPfrKiUqkUn8ZEu855PxxOJ%2F9%2BgW0NKDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bc65e02f0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=1003586707705907298&gdpr=0&gdpr_consent=
date: Mon, 02 Oct 2023 12:56:57 GMT
content-length: 0

GET
H2

200

rum
dsum.casalemedia.com/ Frame 33FB
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=816790b429b1690&is_secure=true&networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIxEZk4PNIvwNeskjiAAAAAAA&expiration=1696337818&is_secure=true

43 B
544 B

197ms
185ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIxEZk4PNIvwNeskjiAAAAAAA&expiration=1696337818&is_secure=true
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssaqQ1gyzF5g5pdIbqzSisoWDejzpOYm443Zo5q%2FsekRVAxbpfWcMKKQNN7zjzhq8PLfXfbYuGHz8jca9oQw4iQNI6ybgqfWbg587UXgSKCRyjNHBoZ4Y08EO2JanhSod1iHL5l1"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bc9f8fc3c95-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIxEZk4PNIvwNeskjiAAAAAAA&expiration=1696337818&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 33FB
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3702013787439226483

43 B
734 B

133ms
131ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3702013787439226483
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pm3qWjszW%2FjFaDZjWRAKqx25uxIz46C5ScGcYI6vZ%2BNR54HPrI%2BRXvlqg8m60Z3wxvkuwrrnwWlXYnL5lG7U6TGbzzMDgaFfghD1mqDxn7u1sGoz3iSujvvUjkhI%2FekGmcMVOA1Cr1EGdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bc6cea0f0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3702013787439226483
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:57 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 33FB
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
731 B

143ms
121ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwmqsNlR2EVraSdu2b0iDs1ilUcObeW7BlFShwTQkkZxN8vl3TPLIVqfFHPK3ZrVb3F2L%2FxCuPaWeSiPgnKUIL5bpzStGaQDF3XPIXpZYrOUS3XQ8lL6FS1ERd8NPG%2FM36ibvrHZnXc77g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bc69e58f0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Mon, 02 Oct 2023 12:56:58 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 33FB 0
356 B 375ms
374ms Image
image/avif 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
BLOB 200
OK 831c0a53-ad4b-4289-8309-94a873d679dc
https://www.bg3.co/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/831c0a53-ad4b-4289-8309-94a873d679dc
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FD09 1 KB
739 B 300ms
299ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 19104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 07:38:34 GMT
etag: 48472445140208031
expires: Tue, 03 Oct 2023 07:38:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 75B7 37 KB
14 KB 286ms
285ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Sep 2024 12:07:56 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 909A 0
342 B 350ms
349ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80fd1bc2ee1a2a7c-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 02 Oct 2023 12:56:58 GMT
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 8602 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ab79330efb93fa3dcddb3092e649f56f5fc1145c122bf14e1b4509768f32a64

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 6CF5 4 KB
2 KB 290ms
290ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

ba49b56633508c29ec17f1e5966ec67ae893e9cda8def740b5dd17216c69ddd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1436
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame C6C5 0
0 402ms
141ms Document
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Mon, 02 Oct 2023 12:56:58 GMT
X-Sovrn-Pod: ad_ap5ams1

GET /
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 58AD 0
0

GET

RX-40190b19-2d57-4126-a46c-0f856862cf5e-003
sync.targeting.unrulymedia.com/csync/ Frame 88A9
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1696251418266
https://ad.turn.com/r/cs?pid=45&rndcb=3817786757
https://sync.1rx.io/usersync/turn/3702013787439226483?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-40190b19-2d57-4126-a46c-0f856862cf5e-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-40190b19-2d57-4126-a46c-0f8...

0
0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F94 0
56 B 242ms
242ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_xn-F74aZYjAFbeNjuwPobWTqAEAAAAAOAHgBAI&bg=!xsWlxYrNAAZN1Q_XbdU7ADQBe5WfOINf9k0IGiGwPmhP-u7Vj4aXX5cmwzUTPfs_pYoO71ac7i4AfBVuX-QOJoUJ0j8KAgAAAzpSAAAADWgBB5kDDv1qAORvSjpNQpEF6S9rQymqX-AbGtqdBShLFi2sSMYEdgsPwUhQpoX7ffC9veh1sr86cIPXHuW1NuLtdSVatJNjPgFUCyqUOdqDZ-y54-LomgCxrvLf4MUBgtD-ZHuKPQ0NuozPc5leunDTWaBn5Rsn5vHSRx7nDp6D2E3p8ful42K43efWvOj_t08PBUVzBC5lsdOIO7d2g37xcFTyn38Vi8iOm3lE3XizwtPl8I3VHmhjd1tCRVmx8m7erJwsFjYtA0pl1ikUGwYKE9S37yZyneMlIwTgESyXpKaiBoNWXUeeqA3JVNHEZS22Dkgt2p9zvcPpODAYyK76GKHx4zRtebLR7MIDqGQlYFH8iFU3MHQzgIlRigTru5c_S6G_YF-fN_ReLjTiLPeCbFHmbltvuCQKabKZnCrckTZ9bxND3TZmGCmPNT9Qsh-7EHTatBBCLBY0gfUi_KIferrmScZywEk-e_Fq21x3-KBdQSLxKIzHS2MzQHn_8LJ4LE1f0eZBKMcGJmVkjpVBHEKw47czcXMfzlNKL83dLAMYFq2Edpr4U2JOfiwsWeJXnxU9Ds49tbKXvbGk568cZqu7qNN6fhtiPfbfYZ12KU6-mLTI37s_buzeZndbjyG0y8SOB6mwpukIMLP50qSfEPPQ1RtsKI9Jn14lUX_BFk4KoEpX4LOZdaNZJmydvYSKLOVhPUGtXlTLrD9LBvDUHvQusgCjWCvOjKHAzTFxkUizySL42JY9nPlzPl8DjDOIIolNVCVf0Wd4UOcgy6l4X8BN1-PCFxxhF32W1hfT_A520-bs4-HmPEZemAug1FvzqYIjut7L9ojocCj045UHuqBbHdOK8Kx_gqeOMqgUyGkzRjlj8o-mg3a1qmWQRxEWbIDfpl6691bEAQON8gtl2NlTn7tP2AL3XloDpsgkhjAxXTdg_FfdWQOXMw2HJclA3L8L3Ut6H0_wyh64XjU0QAYJhBZViNr5r1g1Gnxba8-PJyCmM1YqAh7CNgiV23OjWwcP1ev3F7B8OxCIm4CoH5x_

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-52-48-234-224.eu-west-1.compute.amazonaws.com

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

95e73092-f89e-5213-83e4-e4dbe6fe5ac1 Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame D595
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=7534057371162961753
https://csync.smilewanted.com/set_partner_userid_get/betweenx/95e73092-f89e-5213-83e4-e4dbe6fe5ac1

0
433 B

122ms
103ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/95e73092-f89e-5213-83e4-e4dbe6fe5ac1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80fd1bc7ed432a7c-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 02 Oct 2023 12:56:58 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/95e73092-f89e-5213-83e4-e4dbe6fe5ac1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8CA4 35 KB
11 KB 139ms
138ms Script
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 17300e76bedfa2eff7351d57018c9dc281d2b7bdb8beee83de14bc3c29933040

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 07:34:42 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67051
Connection: keep-alive
Content-Length: 10473
Expires: Tue, 03 Oct 2023 07:34:29 GMT

GET smwt256.gif
us.ck-ie.com/ Frame F9C0 0
0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 37A8
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2720646435057332847

43 B
730 B

209ms
180ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2720646435057332847
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7rVDjcntc%2FwN7uGOk2qmxQEF7v89pjR3puLOT0nfUBSm1Zzn4WbawnOQJto0uWo54aybbFx6boRdTXvngGk9pozZKPKv4uEXBoClf11vIlNyyDjpvUJecif12ndx6kibv9DxTog%2BXqSTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bc50c68f0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
an-x-request-uuid: 73dd862f-1cfe-448c-a3cf-8cee3fd6bfa6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2720646435057332847
x-proxy-origin: 194.230.146.141; 194.230.146.141; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 37A8
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/casale/ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB

43 B
600 B

183ms
142ms

Image
image/gif

52.48.234.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

52.48.234.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZRq-FwGx7EBbbpg2QLa-1gAAFEgAAAIB
date: Mon, 02 Oct 2023 12:56:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 37A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZRq_GgARhmJufgBV
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRq_GgARhmJufgBV&_test=ZRq_GgARhmJufgBV

43 B
734 B

227ms
226ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRq_GgARhmJufgBV&_test=ZRq_GgARhmJufgBV
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9XVU88Lig5TtR5XvrLxIOKpXIj5Wym53UoxaICdOs4hrLe6KaI%2FYG5rCprRrC1j%2B47SEYvuq96cdh0oJQ3x40rpTeWFhHBIwceYMxon02Cxl%2FJVvIYXtDSOXB7fxd30OPBLkc%2FEMSYHRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bc9fad4f0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

x-served-by: cache-ams21043-AMS
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696251419.887524,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRq_GgARhmJufgBV&_test=ZRq_GgARhmJufgBV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 37A8
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABvPE7KNXwAABgcc-dC6g&expiration=1697461018

43 B
732 B

210ms
181ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABvPE7KNXwAABgcc-dC6g&expiration=1697461018
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kthqIH8Zm4i7LrdXY9PsbpZSo1HyXMrKKEmFoXKipAbmxqgLrY6SFv3nZohcElu0EjgVsvs0Y7LnGae90X1VDcvRIWeF7FfQziM%2FEjx%2BdDwK9JzecaZ%2FGuOt3yie8XjVvSZWkDgApNpv1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bc50c65f0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABvPE7KNXwAABgcc-dC6g&expiration=1697461018
Date: Mon, 02 Oct 2023 12:56:58 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 37A8
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192&tc=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=h5O3PXMwQQK4M8UerUSH&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192&tc=1

43 B
735 B

106ms
104ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=h5O3PXMwQQK4M8UerUSH&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192&tc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bp46TyfjU2rt55coi%2FZtWWI0t1rR7%2BoPb5KX4sek9WLlElhHTMi07%2FMcq1mWk0Wj1F5E6oih4txerXUOy6qrZswV%2F%2F0lX%2FdBYqHqbZkMWT5MU6Bo4G6j86SOSxo44AcB%2B23P2nwJgYaioA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80fd1bc868d3f0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=h5O3PXMwQQK4M8UerUSH&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192&tc=1
pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT, Mon, 02 Oct 2023 12:56:58 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET /
b1sync.zemanta.com/usersync/index/ Frame 37A8 0
0

GET tp_out
d.adroll.com/cm/index/ Frame 37A8 0
0

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame 37A8 0
285 B 923ms
353ms Image
text/plain 3.219.60.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.60.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-60-185.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 37A8 43 B
251 B 151ms
118ms Image
image/gif 104.18.25.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZRq.FwGx7EBbbpg2QLa.1gAA%265192
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 2155
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 80fd1bc3ab2ef108-CDG
content-length: 43
expires: Tue, 03 Oct 2023 12:56:58 GMT

GET

ztpv.php
www.conrad.ch/ Frame B8FF
Redirect Chain

https://www.awin1.com/cshow.php?s=2246404&v=11467&q=346430&r=414915&pref1=47064800085109904438260012465008&pv=1
https://www.conrad.ch/ztpv.php?awc=11467_414915_1696251418_2bec7351-6123-11ee-8502-226591661de6&insert=AW&gdpr=&gdpr_consent=

0
0

GET
H/1.1 200
OK request_content.php Show response
hal90008.redintelligence.net/ Frame CB74 4 KB
2 KB 348ms
129ms Document
text/html 138.201.63.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90008.redintelligence.net/request_content.php?s=47064800085109904438260012465008&a=6605e5fa
Requested by: Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=79h9btln28au&nw=20&renderingType=javascript&namespace=dc4caca203&subid=&uid=6579e332fe03a97d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-A9QFb4aZcuSGIG4-wblhIrYCufpw5tp_M22i9IPkS8QASCD_eYfYPWNu4GYBMgBCakC-7ODhIzEsT6oAwHIA5sEqgT_AU_QW3EwglIPhVdHR9YjoGCmcS0SzOaVmTr0qL83353ZYNH1HIVrCUraDqlUANwgKkQtlpIS5PgcQOdlJrh-BjUFmfGgp-OdL3J037bOCSZDxbWzDw0NTKa0OL2atUTqCUDer03hbaRe4lcAUDzyOlYKS0RN3yHIRgAa_Iz-3nANlPOXqaVafHvUSHh7Krmptx-xOFXxHBmD8kTOoZJJbpjotXQ-iC5vs5Lc00EQ1HWA7w_XMc4eZcwIpwXhUgAcGsqXr0Z5QCA5Z3qn-hyARxUmeI_zxzueT9xNS7pZ-0CQ6fViesKJITdr0g3g333Kh58YpFTPO74jHmu5pMyTnMAE6tu9jfwD4AQDiAWxn-b9PZAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCBRiaWRkZXItdGhlbWVkaWFncmlkX4AKBJgLAcgLAYAMAaoNAkNIyA0BsBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIi_HH97TXgQMVAdzeCh1lggKrEAEYASAAEgItWfD_BwE%26num%3D1%26cid%3DCAQSMgDICaaNo8JRQiznkahRGskl8zAVRF8NBFS1OJoPbKsuUNkqKwcVgtuZjqHjoii-E3YJGAE%26sig%3DAOD64_2tqXZCfKnZTTRFHC6t8iAM4CpBtQ%26client%3Dca-pub-7350897138099958%26dbm_c%3DAKAmf-Cfjnd5456bQq626WOW0q9UjQy0GXMnBgHD2FH5BTAvt9o0dw2nZJ9_FjOUHqDTaLzYUV6_iTKxOksBhpw9CYL_uYM5BbNSiMNa_q772X16CuJlagB8U1Lu4alpf_qL4FG7EFUMy9NiF4UOd3uHM63YaW01HBZDRzmRh32Rb6ZGpzhkZpM%26cry%3D1%26dbm_d%3DAKAmf-AoeMQVobUEjrg66cJ2l-CRrtKrjAmAbuIvyXtLbhSNFsBsyzqpgFFtcyADYSFErqvNpTtAuMrNsVaXJ1bJpP38vRPUBMugKJdfvLMYauCnUzulazdI7GNWkqKIIkd98GcZt3MqdHL15n30h_EtEjwfPzXjsuGo-xyxlCHOaze1gKEr92_xoP5YtZmbrrSF-o4d1q_XQjVT-eAhEZUW_QIwBWaEVjas6C9VZs09Uixv4C4Sv_SKj7iNv7BfluWiJEYuDJjQShSS-tyEMZZLunwOy3Y1u6IHHRtIlXB7A7rl9UHL6b1QzjcEKztZCK1Zg40l3wtSBHNPpCGCMdfOiLnZLMLOoGXwze13DteUE9dLlFT3nGTsT7GtFUX_GkgwGVw8kzlPVEDmiEDyTgR_DP8i7ALe08AdHvRVspUV2ZWHlQXSaHo1QlZq2Qn2JNQSgWujE2n8Vps18LHeflYVsgKS2jxi-49NVaxuemzPlEZj42SVqMX6nR4B3SXg1dndRg1tTwWtOcVZmGIwPnE86tvxliGPFbsBcvyNt1nFKlxQLf8EqTk5RhrdBfuOEn3gREehKLjK-OFKmwTuQMxLe8AVKNAEf8W6DB4GfWfqR6qtC12zZQs2HN27yjf9uCH2gUEbbpfrHB8MiRPHoI1z0wNN08SGAvp6B60ef7etuW0wYn0k6L4%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=4704587251512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.150 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 34e829534eabeae6d42495a768eb4fe212858d3ca202cc796c128d9ea230d64b

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1535
Content-Type: text/html; charset=utf-8
Date: Mon, 02 Oct 2023 12:56:58 GMT
Expires: Mon, 02 Oct 2023 13:56:58 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 cookie Show response
cm.adform.net/ Frame 66B2 43 B
106 B 448ms
203ms Document
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Mon, 02 Oct 2023 12:56:58 GMT
server: nginx

GET
H2

200

788a348d745818cd6ee6c1a8a81f73f Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 3E94
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/788a348d745818cd6ee6c1a8a81f73f?gdpr_consent=&gdpr=0

0
371 B

166ms
146ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/788a348d745818cd6ee6c1a8a81f73f?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80fd1bc508bf2a7c-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 02 Oct 2023 12:56:58 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 02 Oct 2023 12:56:58 GMT
Expires: Mon, 02 Oct 2023 12:56:58 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/788a348d745818cd6ee6c1a8a81f73f?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1696251418238029-362

GET i.match
a.tribalfusion.com/ Frame FD09 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD09
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEIn-ExxEmxA-s9cSzxNEI4E&google_cver=1&google_push=AXcoOmTZQmRo2DVqmnuPep9QoD1xCGkux3cp7xgKAay63D5Vnd3Qwsk2GboYPxkDxuh41oOtK9N7-VQ7jrYg8fWIBk-l1qvDRw
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=835308847191&us_privacy=1---

170 B
188 B

90ms
88ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=835308847191&us_privacy=1---

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=835308847191&us_privacy=1---
content-length: 0

GET sync
sync.srv.stackadapt.com/ Frame FD09 0
0

GET pub
cs.chocolateplatform.com/ Frame FD09 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD09
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDZslcev428QmCD0LGqzSrM&google_cver=1&google_push=AXcoOmT1focC0CKRrySXy2fauLyN3xgoNURWXhZBrYqv0llWBpZtwmE1_BhfU-9MV3XIQcSPXSmZyD...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmT1focC0CKRrySXy2fauLyN3xgoNURWXhZBrYqv0llWBpZtwmE1_BhfU-9MV3XIQcSPXSmZyDr-WVlRruV7TM0fT87SdUw&google_hm=MzU1MDUwNTk...

170 B
188 B

110ms
83ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmT1focC0CKRrySXy2fauLyN3xgoNURWXhZBrYqv0llWBpZtwmE1_BhfU-9MV3XIQcSPXSmZyDr-WVlRruV7TM0fT87SdUw&google_hm=MzU1MDUwNTkyMjAwNjQzNjA2NA%3D%3D

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmT1focC0CKRrySXy2fauLyN3xgoNURWXhZBrYqv0llWBpZtwmE1_BhfU-9MV3XIQcSPXSmZyDr-WVlRruV7TM0fT87SdUw&google_hm=MzU1MDUwNTkyMjAwNjQzNjA2NA%3D%3D
date: Mon, 02 Oct 2023 12:56:57 GMT
content-length: 0

GET gob
sync.inmobi.com/ Frame FD09 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD09
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDP0VBrUy...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=48461918-1765-42ad-b960-8188df040c1b&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

115ms
115ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=48461918-1765-42ad-b960-8188df040c1b&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=48461918-1765-42ad-b960-8188df040c1b&%%GOOGLE_PUSH_PAIR%%
date: Mon, 02 Oct 2023 12:56:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FD09 0
12 B 162ms
82ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGjbO05wCg_tcSDvfhbkEnX2h0ecN2vo5Oo6jgJOe9pd6kRUKsY1rEHL8uopwhwUhobpvE4c8

Requested by

Host: d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com
URL: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET

usersync
usersync.gumgum.com/ Frame 3016
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=2720646435057332847

0
0

GET

sync
u.ipw.metadsp.co.uk/ Frame 3016
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_af30255e-36c3-432b-9698-c5193f1d0ce2&gdpr=0&gdpr_consent=&us_privacy=1---
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=48461918-1765-42ad-b960-8188df040c1b&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

0
0

GET redirectObuid
sync.outbrain.com/ Frame 3016 0
0

GET

usersync
usersync.gumgum.com/ Frame 3016
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=70aa9360-d6b9-0e76-2328-14d4b282d0c1

0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3016
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-80d2b3e6-9f2c-499c-4297-6891fac4acd4$cell

35 B
250 B

105ms
104ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-80d2b3e6-9f2c-499c-4297-6891fac4acd4$cell
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:59 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-80d2b3e6-9f2c-499c-4297-6891fac4acd4$cell
Date: Mon, 02 Oct 2023 12:56:59 GMT
Connection: keep-alive
Content-Length: 115
Content-Type: text/html; charset=utf-8

GET

usersync
usersync.gumgum.com/ Frame 3016
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-AiVY9.JE2peIJpVIgyvAv51ITikphCUJZcdh~A

0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 3016
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=d7ba4241-f78a-48bc-8562-90ef331d5e2e

35 B
250 B

402ms
304ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=d7ba4241-f78a-48bc-8562-90ef331d5e2e
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:59 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=d7ba4241-f78a-48bc-8562-90ef331d5e2e
Date: Mon, 02 Oct 2023 12:56:58 GMT
Connection: keep-alive
X-CI-RTID: 85d4119a-9fe8-40f6-9938-3adeed8204fa
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET 142
match.deepintent.com/usersync/ Frame 3016 0
0

GET

23178
stags.bluekai.com/site/ Frame 3016
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_af30255e-36c3-432b-9698-c5193f1d0ce2&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=5hWHoK1KowrQ0q6Ppc_2&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...

0
0

GET server_match
ad.360yield.com/ Frame 3016 0
0

GET rtset
bh.contextweb.com/bh/ Frame 3016 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 3016 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 3016 0
357 B 166ms
143ms Image
image/avif 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_af30255e-36c3-432b-9698-c5193f1d0ce2
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 313A 0
0 149ms
97ms Document
text/plain 54.93.114.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.114.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-114-96.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 6CF5 43 B
443 B 123ms
85ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:58 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x29 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 02 Oct 2023 12:56:57 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 6CF5 42 B
677 B 144ms
105ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6CF5
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GAeVvscUb36wBHCtfSyOUgwdQqwlTEY2lFClIElBd2Y

43 B
479 B

238ms
237ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GAeVvscUb36wBHCtfSyOUgwdQqwlTEY2lFClIElBd2Y

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F5T0FAZ21BZ8SCE8VD6T
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=GAeVvscUb36wBHCtfSyOUgwdQqwlTEY2lFClIElBd2Y
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 6CF5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1

0
291 B

178ms
177ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJi8EuaLTEaWqF-SNuRm0w8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6CF5 70 B
148 B 184ms
129ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 6CF5 43 B
145 B 145ms
99ms Image
image/gif 3.65.107.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.107.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-107-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6CF5 0
239 B 147ms
110ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 6CF5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2720646435057332847

0
291 B

129ms
101ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2720646435057332847

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
an-x-request-uuid: c531ba74-d108-43ce-8fad-d77dcd599b6e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2720646435057332847
x-proxy-origin: 194.230.146.141; 194.230.146.141; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 6CF5
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=1

0
291 B

103ms
97ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:58 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=1
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1696251418350057-400
Expires: Mon, 02 Oct 2023 12:56:58 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 6CF5 0
75 B 170ms
133ms Image
text/plain 185.86.138.154
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:57 GMT
content-length: 0

GET
H3 400 711916.gif
id.rlcdn.com/ Frame 6CF5 0
0 220ms
183ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 6CF5 0
39 B 157ms
103ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 6CF5 0
15 B 160ms
106ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 6CF5 0
409 B 200ms
146ms Image
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/onetag/szz1hcuSc6paivjsbSEJtaYw0cvaVogTwVH8cKqv6P0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 80fd1bc508be2a7c-CDG
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 sync
ads.servenobid.com/ Frame BC42 0
344 B 188ms
143ms Image
image/avif 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=5055940178852268213&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET /
rtb-csync.smartadserver.com/redir/ Frame BC42 0
0

GET bsync
visitor.omnitagjs.com/visitor/ Frame BC42 0
0

GET

/
rtb-csync.smartadserver.com/redir/ Frame BC42
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1199171049558358106&gdpr=0&gdpr_consent=

0
0

GET e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ Frame BC42 0
0

GET
H2

200

de7f831dc28d913eca0d82678fb04b4757b2f08068d86b19c6080568978db2b4 Show response
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame B967
Redirect Chain

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
https://csync.smilewanted.com/set_partner_userid_get/smartyads/de7f831dc28d913eca0d82678fb04b4757b2f08068d86b19c6080568978db2b4

0
730 B

315ms
314ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smartyads/de7f831dc28d913eca0d82678fb04b4757b2f08068d86b19c6080568978db2b4
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80fd1bc9e82c2a7c-CDG
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 02 Oct 2023 12:56:59 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Mon, 02 Oct 2023 12:56:58 GMT
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/smartyads/de7f831dc28d913eca0d82678fb04b4757b2f08068d86b19c6080568978db2b4
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 8CA4 7 B
764 B 132ms
116ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LN8WAN9V-17-IY34
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Expires: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame A4D2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/usersync?b=adf&i=8087474952318471490&gdpr=0&gdpr_consent=

35 B
208 B

136ms
95ms

Document
image/gif

34.242.185.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=8087474952318471490&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.185.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Mon, 02 Oct 2023 12:56:58 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Mon, 02 Oct 2023 12:56:58 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=8087474952318471490&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

URnmbSKM Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame E644
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZRq_GgAUwYSU4gBY

85 B
171 B

155ms
120ms

Document
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZRq_GgAUwYSU4gBY
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 3230
cache-control: no-cache
content-length: 85
content-type: image/png
date: Mon, 02 Oct 2023 12:56:58 GMT
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 20462
x-served-by: cache-ams21043-AMS
x-timer: S1696251419.707385,VS0,VE0

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Mon, 02 Oct 2023 12:56:58 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZRq_GgAUwYSU4gBY
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-ams21043-AMS
x-timer: S1696251418.412503,VS0,VE85

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame B911 170 B
188 B 173ms
153ms Document
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hZjMwMjU1ZS0zNmMzLTQzMmItOTY5OC1jNTE5M2YxZDBjZTI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:56:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 18F3 15 KB
6 KB 119ms
117ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=75364
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 02 Oct 2023 12:56:58 GMT
expires: Tue, 03 Oct 2023 09:53:02 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame F73C 70 B
148 B 134ms
132ms Document
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Mon, 02 Oct 2023 12:56:58 GMT
server: Kestrel

GET PugMaster
image6.pubmatic.com/AdServer/ Frame 1CE5 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
91 KB 150ms
129ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21c351e016ac6adfb413bae370452fe72f5f0ed7ef8f271c3fd7d948e11ec839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92760
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Oct 2023 12:56:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
91 KB 129ms
111ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

Google Tag Manager /

Resource Hash

9441f2063f687aeeeca7255f1d4f4081c074cf1f73fa6ec39a558cdd7f3be4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92702
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 02 Oct 2023 12:56:58 GMT

GET idsync
tg.socdm.com/aux/ Frame 5811 0
0

GET
H2 200 css
fonts.googleapis.com/ Frame 24B3 5 KB
778 B 132ms
122ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=80823300061543604438446012465012&a=68999487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 11:05:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Oct 2023 12:56:58 GMT

GET /
hal9000.redintelligence.net/scale/ Frame 24B3 0
0

GET
BLOB 206
Partial Content 4ab411b1-1183-4ffc-9230-956cdf6e528a
https://www.bg3.co/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/4ab411b1-1183-4ffc-9230-956cdf6e528a
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content ddb9309a-002b-4509-a2b1-883fb1f0b484
https://www.bg3.co/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/ddb9309a-002b-4509-a2b1-883fb1f0b484
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 8CA4 0
0

GET gumgum
cs.admanmedia.com/sync/ Frame 0996 0
0

GET

usersync
usersync.gumgum.com/ Frame C94C
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://usersync.gumgum.com/usersync?b=rth&i=h5O3PXMwQQK4M8UerUSH&pi=gumgum

0
0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 81D1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

112ms
111ms

Document
text/html

88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 02 Oct 2023 12:56:58 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 02 Oct 2023 12:56:58 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2

200

300x250de.gif
ct.conrad.ch/content-chb2c/affiliate/banner/new_classic/ Frame CB74
Redirect Chain

https://www.awin1.com/cshow.php?s=2246404&v=11467&q=346430&r=414915&pref1=47064800085109904438260012465008&pv=0
https://ct.conrad.ch/content-chb2c/affiliate/scripts/aktionsbanner/cch_initialise_affiliate_banner.php?width=300&height=250&language=de
https://ct.conrad.ch/content-chb2c/affiliate/banner/new_classic/300x250de.gif

20 KB
20 KB

92ms
92ms

Image
image/webp

104.19.240.24

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.conrad.ch/content-chb2c/affiliate/banner/new_classic/300x250de.gif

Requested by

Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=47064800085109904438260012465008&a=6605e5fa

Protocol

Server

104.19.240.24 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e9b0e0fd386793c5e827b0f85dfb2e448c52a6193917086663953ffd3952464d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://hal90008.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
via: 1.1 google
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 244
cf-polished: origFmt=gif, origSize=42218
content-disposition: inline; filename="300x250de.webp"
content-length: 20624
cf-bgj: imgq:85,h2pri
last-modified: Mon, 06 Feb 2023 14:19:50 GMT
server: cloudflare
etag: "a4ea-5f408b95ba211"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 80fd1bcd6ffe23df-ZRH
expires: Mon, 02 Oct 2023 16:56:59 GMT

Redirect headers

date: Mon, 02 Oct 2023 12:56:59 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
content-type: text/html; charset=UTF-8
location: https://ct.conrad.ch/content-chb2c/affiliate/banner/new_classic/300x250de.gif
cf-ray: 80fd1bcc3e3923df-ZRH

GET ysm_bg3.js
ad.sitemaji.com/ Frame 2DF5 0
0

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 2 KB
1 KB 79ms
77ms Image
image/svg+xml 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 89-187-169-39.bunnyinfra.net
Software: BunnyCDN-DE1-755 /
Resource Hash: dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:58 GMT
content-encoding: gzip
cdn-edgestorageid: 1048
cdn-storageserver: DE-664
cdn-cachedat: 09/06/2023 03:55:39
cdn-pullzone: 873945
last-modified: Thu, 17 Aug 2023 06:20:20 GMT
server: BunnyCDN-DE1-755
cdn-fileserver: 655
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=2592000
cdn-requestid: d6fec52b954da5a5a58be2f5a4a5759a
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 0
0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame D020
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1eced514-813e-0974-3ccb-1dce3ad15b62

0
486 B

179ms
179ms

Image
application/javascript

18.66.112.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1eced514-813e-0974-3ccb-1dce3ad15b62
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-58.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: YCKIQqrzbXTZQT0raNdPScLJsoGi9FSKXP62G0c_7q299-Mh8FDGGA==

Redirect headers

date: Mon, 02 Oct 2023 12:56:59 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=1eced514-813e-0974-3ccb-1dce3ad15b62
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame D020 0
277 B 98ms
97ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Oct 2023 12:56:58 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame D020
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0

0
532 B

190ms
189ms

Image
application/javascript

18.66.112.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-58.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
x-reason: missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: RcyJMEziTTFN540VtuT0LiFqc6-gfiFaM45e6gMa1SP1o55FCiSTsQ==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date: Mon, 02 Oct 2023 12:56:58 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame D020
Redirect Chain

https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4275836739249394611088

0
487 B

179ms
178ms

Image
application/javascript

18.66.112.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4275836739249394611088
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-58.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: gTLJP1C-VHUA_68Fei7FJSoOEqj3xT6n3PHxmULqRL9h718mywpP7w==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4275836739249394611088
date: Mon, 02 Oct 2023 12:56:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame D020
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192

0
486 B

169ms
168ms

Image
application/javascript

18.66.112.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-58.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: NyBgEuDkfoiEXtnjYjol7cEp8x0diIXsUH8OjacdEtRPzjZF4LS6uA==

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqRTtJLac3LyQq9KlgLs4nigBVwtAo29FJpivlrI8JDn9Ho8%2BEQSbPmp0wtBPI01i7TDL6kINIQQKne2CikI%2Fwq4S%2BeFuoh8zfd9G7ysoJuf3FOuswiqOBpin7i%2FGuBd3K5GSScPeS0aHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRq.FwGx7EBbbpg2QLa.1gAA%265192
cache-control: no-cache
cf-ray: 80fd1bc9fad1f0af-CDG
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame D020
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=2D94BCA8-D745-40E1-AA10-1C56B683BD7D

0
487 B

174ms
173ms

Image
application/javascript

18.66.112.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=2D94BCA8-D745-40E1-AA10-1C56B683BD7D
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-58.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: 8EFTfLmC_HoGz0sXwfW0yXtIWnDFFfDrsdFFeHsvzouGKqACkkQFJw==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=2D94BCA8-D745-40E1-AA10-1C56B683BD7D
date: Mon, 02 Oct 2023 12:56:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 117
content-type: text/html; charset=utf-8

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame D020
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=c5775cce3847ef2009979a8161df3f7b

0
487 B

203ms
203ms

Image
application/javascript

18.66.112.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=c5775cce3847ef2009979a8161df3f7b
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.66.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-58.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: lz0HV_v60lfWmMET4LtzpK42EQ-txYP0yRWRPYFDdemBBSr4mHRIXg==

Redirect headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:59 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=c5775cce3847ef2009979a8161df3f7b
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 0
expires: 0

GET
H2 200 sync
ads.servenobid.com/ Frame D020 0
342 B 252ms
251ms Image
image/avif 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=348&uid=yVFvC_jzCp_mm
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET viewability
hal90008.redintelligence.net/ Frame CB74 0
0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C43A 0
598 B 88ms
87ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:58 GMT
an-x-request-uuid: 00d6f054-afd2-44b9-82f8-756ea482a557
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 194.230.146.141; 194.230.146.141; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cs
cs-server-s2s.yellowblue.io/ Frame 1607
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2D94BCA8-D745-40E1-AA10-1C56B683BD7D

0
329 B

216ms
215ms

Image
application/javascript

18.214.104.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2D94BCA8-D745-40E1-AA10-1C56B683BD7D
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.214.104.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-104-9.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

location: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=2D94BCA8-D745-40E1-AA10-1C56B683BD7D
date: Mon, 02 Oct 2023 12:56:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 115
content-type: text/html; charset=utf-8

GET

cs
cs.yellowblue.io/ Frame 1607
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
https://cs.yellowblue.io/cs?aid=11601&id=788a348d745818cd6ee6c1a8a81f73f&gdpr_consent=&gdpr=0

0
0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 1607 0
34 B 154ms
153ms Image
text/plain 54.93.114.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.114.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-114-96.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 1607 0
341 B 233ms
232ms Image
image/avif 52.51.73.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=352&uid=VC3Xk_jzCp_s
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.73.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-73-145.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 bridge3.593.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame AAA2 723 KB
232 KB 77ms
73ms Document
text/html 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 395104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 237116
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 23:11:54 GMT
expires: Thu, 26 Sep 2024 23:11:54 GMT
last-modified: Wed, 27 Sep 2023 23:10:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET client.js
s0.2mdn.net/instream/video/ 0
0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5D16 40 KB
14 KB 277ms
277ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 02 Oct 2023 13:12:40 GMT

GET
H2 200 playlist.m3u8 Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 171 B
835 B 904ms
109ms XHR
application/vnd.apple.mpegurl 138.199.37.230

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 -, , ASN (),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
content-encoding: gzip
cdn-edgestorageid: 1048
cdn-storageserver: NY-267
cdn-cachedat: 04/11/2023 16:02:55
cdn-pullzone: 829957
last-modified: Fri, 09 Dec 2022 05:44:02 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 354
cdn-requestpullcode: 206
cdn-proxyver: 1.03
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: 590af02d85a9294b61500c60672afcff
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 81D1 35 KB
11 KB 298ms
297ms Script
text/html 88.221.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 17300e76bedfa2eff7351d57018c9dc281d2b7bdb8beee83de14bc3c29933040

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 02 Oct 2023 12:56:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Oct 2023 07:34:42 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67050
Connection: keep-alive
Content-Length: 10473
Expires: Tue, 03 Oct 2023 07:34:29 GMT

GET
DATA 200
OK truncated
/ Frame CB74 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7651 16 KB
12 KB 242ms
242ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b5d144eb83e7c9066c2c660841bf2f984332e9e6e397b7fec3a4e1eee9b0509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12137
x-xss-protection: 0

GET viewability
hal900012.redintelligence.net/ Frame 24B3 0
0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8602 42 B
174 B 282ms
281ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMEqAFoQHskAxNeMtzk5JDNRxcAPljH4pXOE9nzNleQbF_GDV9srrOt1fJdTm4Dk_V4fq33TcKkJ3stgAWS2L1gCZhF9KHy09haO-0AWKxMGa_8oXrsgRaD6S628dW&sai=AMfl-YSw00j-IEg6yzH8hO1EZwAg3Qw4b3MlWc83v3vyqgc6dC8udteeqV_FDE8dx3atE5Yx0RQKwOIKPJlHCxRv_0lxRHLl8Yktm_Ja65WcgP6xekIf2Yz96DOL23Ov&sig=Cg0ArKJSzIG5PnX7OO6mEAE&cid=CAQSPADICaaNAnQGTaholQawmYSHt_SJ10qki2jy8BdJlaQwu7ap5bgBiA6VJxo1672L-m2xu3vBBYQi4W6RQRgB&id=lidar2&mcvt=1191&p=1110,650,1185,950&mtos=1191,1191,1191,1191,1191&tos=1191,0,0,0,0&v=20230927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2825066673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696251414571&rpt=3319&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://d7cd1e645c0958f4ed4c7e3381443470.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK d86266fe-8e1e-4adc-85c0-7bd97bf2bd49
https://www.bg3.co/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/d86266fe-8e1e-4adc-85c0-7bd97bf2bd49
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 4896
Content-Type: application/javascript

GET
BLOB 200
OK b925229f-ebc0-4e06-babf-59c5fb4f8852
https://www.bg3.co/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/b925229f-ebc0-4e06-babf-59c5fb4f8852
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
BLOB 200
OK e227527b-44c5-4159-b14f-2015df5f0ce9
https://www.bg3.co/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/e227527b-44c5-4159-b14f-2015df5f0ce9
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 167ms
166ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je39r0&_p=1568887740&cid=1566437459.1696251412&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696251419&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&dt=%E3%80%8A%E5%8D%8A%E5%B0%8E%E9%AB%94%E3%80%8B%E5%B1%95%E6%9C%9B%E4%BD%B3%EF%BC%8B%E5%A4%96%E8%B3%87%E8%B4%8A%20%E5%90%8C%E6%AC%A3%E9%9B%BB%E9%A3%86%E7%A0%B4300%E5%85%83%E5%A4%A9%E5%83%B9%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 24B3 0
0

GET 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 24B3 0
0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7651 17 KB
6 KB 122ms
121ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 Oct 2023 12:56:59 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 81D1 7 B
764 B 83ms
82ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LN8WAN9V-17-IY34
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 97ms
96ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39r0&_p=1568887740&cid=1566437459.1696251412&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696251414&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&dt=%E3%80%8A%E5%8D%8A%E5%B0%8E%E9%AB%94%E3%80%8B%E5%B1%95%E6%9C%9B%E4%BD%B3%EF%BC%8B%E5%A4%96%E8%B3%87%E8%B4%8A%20%E5%90%8C%E6%AC%A3%E9%9B%BB%E9%A3%86%E7%A0%B4300%E5%85%83%E5%A4%A9%E5%83%B9%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:56:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 81D1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LN8WAN9V-17-IY34
https://usersync.gumgum.com/usersync?b=mag&i=LN8WAN9V-17-IY34

35 B
250 B

126ms
126ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=mag&i=LN8WAN9V-17-IY34
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 02 Oct 2023 12:56:59 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://usersync.gumgum.com/usersync?b=mag&i=LN8WAN9V-17-IY34
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 886A 13 KB
5 KB 87ms
86ms Document
text/html 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:48:26 GMT
expires: Tue, 01 Oct 2024 12:48:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 912A 829 B
793 B 87ms
86ms Document
text/html 172.217.16.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f4.1e100.net

Software

GSE /

Resource Hash

eb70c23743973e0f3193a33e1c5d383e253a580daa837430ae0278781aec99db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ECVOFyNaKeComv-49BFdzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ECVOFyNaKeComv-49BFdzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 12:56:59 GMT
expires: Mon, 02 Oct 2023 12:56:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 75B7 0
41 B 86ms
86ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xh0OTw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 video.m3u8 Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 4 KB
1 KB 90ms
90ms XHR
application/vnd.apple.mpegurl 138.199.37.230

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 -, , ASN (),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:56:59 GMT
content-encoding: gzip
cdn-edgestorageid: 864
cdn-storageserver: DE-679
cdn-cachedat: 09/20/2023 03:54:27
cdn-pullzone: 829957
last-modified: Fri, 09 Dec 2022 05:43:14 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 301
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: da7a7d6b22cc9d5fd584b070b5b84aab
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET viewability
hal90008.redintelligence.net/ Frame CB74 0
0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 912A 0
0 115ms
115ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=4456811993751838&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 video0.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 337 KB
338 KB 93ms
92ms XHR
video/mp2t 138.199.37.230

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 -, , ASN (),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:57:00 GMT
cdn-edgestorageid: 1076
cdn-storageserver: DE-677
cdn-cachedat: 09/12/2023 20:49:35
cdn-pullzone: 829957
content-length: 345356
last-modified: Fri, 09 Dec 2022 05:43:17 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 510
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 1601d51a3cadb648ceb4385b458ca58e
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET viewability
hal900012.redintelligence.net/ Frame 24B3 0
0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B514 0
56 B 260ms
260ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkBIWF74aZeO7MPWUjuwPvMCi6AwAAAAAOAHgBAI&bg=!_P-l_7DNAAZN1Q_XbdU7ADQBe5WfOKJwsJ5nxpkJ1Ex8Zb7KOZdpOCkSm3XPYbtimCsFxtKCLeekGLfd3hMggfkv0wASAgAABkJSAAAAx2gBBwoAJzuTtQHm0SiJJErgm3b2S81_-r17uki6L5_3vLrNQjf2zxq7FUzf1ZkCx8KUBR4PmXTrQ4FiHfv7OYRznErPsDzJR45U3FN-5kJo5ATkKQqp3PZ0fOGCszbGaWfHrygj9IMGG-pv6jAVl0-LGDyLjhCDtLvPqZExb8Wf6E3KKuNML7GN4e4CbRN9CaYU_uvcsthuN3Us1cuqmGLhQyC_sdHqvewf1nSkuTc6hEDkiRmFq0LVCzwsoGBslWv7SjUzDkiUMX_N5p_pHXq7utXwMefP_7XHOjH9a3GN9iMYzQU7D7jmYmMyANbWBYggE-wm5hFIfVhrmoJSircP2kBlB7D64oKZN7psJTAYaa96tBgxrkRmEGPw_ABgdd8KSULKCs8HghhJQAs3QNSf0a8GUVkdu2L23eMc0s_Iru_sax0piCILJA0sQ-7W05MVdBRh-tRiV3b5RjQDuRt_pYjlYiQj2xK7UjiBfyvqFHDGQcgvi2Vr5qpfOz6QWjdxre1T3Fk-X_-ngJwxx0yYJk72rrtXg0A7aCevGFgteRVDs-9AhDRxefeotibXbmAhQB9kZDXso2U7u1WQB5YDU0jvS1LzXRT9XWQkWLs8dNOx17DTb1zqBqLEWomHDYdyDA5wqRT3YSv0sEoRzvu0xfIbe-7Ws7zK_n_ymzhM7178kuMlC6UUzuiZpYKYl5tOIYse-a7ze2VY59etifG9pkjeGaddl34ryGpxj01JHHkoNfsXdm9WLR47IHvI9DBXfwD-pyZXATLwKtFqhpbUln8QkyrKik1Dixh0g17_g2llQdibUUCAvoyeyr1eLNjsq8dJjiYK0LQytQXJI-lz_aPZAG5FCxEycYVYuOHGDlWxZuhPWNZw4FzdxuOksDX3snDeBDkNd6djwe1SXrrhvy8Xy_Kw58xrLDsYQsSGKWMhS7KSrNjCvwkBk663iGB4nanpVTWyU44gDEjUsJlSLLLW_bJlkKUpT84_pvjt3yxjDGkPLA

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:57:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 886A 37 KB
14 KB 118ms
117ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Sep 2024 12:07:56 GMT

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
360 B 180ms
179ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi2=-2&tvi48=12611&tvi50=11906&route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231002-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 78
date: Mon, 02 Oct 2023 12:57:00 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 75076
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21068-AMS
pragma: no-cache
server: nginx
x-timer: S1696251420.482357,VS0,VE78
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 video1.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 318 KB
318 KB 95ms
93ms XHR
video/mp2t 138.199.37.230

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 -, , ASN (),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:57:00 GMT
cdn-edgestorageid: 723
cdn-storageserver: DE-654
cdn-cachedat: 07/19/2023 19:53:42
cdn-pullzone: 829957
content-length: 325240
last-modified: Wed, 19 Jul 2023 15:09:11 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 649
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: c75cf3b5c67975ec5e30f85b80cafacb
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6665 0
0 188ms
186ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=3413551041692007&bg=!rK-lr-DNAAYEJRtnJCU7ADQBe5WfOBpMdw8_KMkmz2WgnEnovS1rcYpWAHl3NitSfdp-J57iwettyqA9PsncK-mWckR9AgAAB25SAAAACmgBBwoAnKXcqXLmfopof1PXk2lSiB-cO_5qaHt0sNwPrSZIz6yvJIHP2PPhxVdLlWB7d2ItdYUU4Zymngd8EbSQkpi96c79sxDHRe6qqgm2WTVxAOJF3XA87eK01pWuWMUXmiID5Ghnk2NVOgsy1pgjTsjbhpf5rsArsPut5FBYXiUUvKGotWX96yB2rFoEoefixjh60X3AexWYpBkJFvnhtJkCyu9M2e87XLpDG2pJUr6exYq_aMp-bUNQcSMtiHaKkPu-cISwGDQKlcfeYCqNmaKcvk-BnDjeFyJkJAiC6XNcg_1dx13GPz67zHIJ_1VU-batNSP2SJD98W1OnsknR2vSswUP0DEgjVZGijxVlq1BiKqNSEm1VfMatqq8L6XRK7OVhhPqHTQIVIELKFQY3PN6ps-VP8i4ZkClN0b9hmw5MAwbwrgfw_6pXoUTDIZeStpwwextuFs0tNYS84cL7YXiI9UoVIeWCL5qTXmk23LRgXeYedT-hlyo-rs8tEsCh84xzqCs5QmnwNJhgfcQkPaHG6x_t8O9mrCnN36w1V9S0JpSw9smg1lSRNtLo8s0txIqJLsS4iJ_-ILfMABgj1Q15BGl4deZ9252pmYqff5cYrQmdoNjYBxXsoxlhz8aTxLuc0Ploc1z9nJNSd2bScQewo9cSz7BS72MqgeiFfr8W6BpPQY9kTxS-nfDexdpsXLGE4HZSs4G4OIIeR3PF0-EFAEaT6oGQ1X3hdoL1oS4KxZEJ_ArmdaOkks3Ga5uYMctO5K_KsDs39gAHTm5jk9QA64lm7c1fh0Jy8lBM3XYdT1RItHDdCLfqxVdNgMyuFertMnul1fjZa5IkbinZQvxsjESqEgp-c2hjd8OYGZ0SX5r9lbgF-ZX10grZyxeF6tmOLmSXQnDPjThNhrS3NUv8_6dMxWLgdZ_1ZNebRoptBLfgnUdvL8Uxz36CWIa3EITS4AGCvjEGqJ6fwNHuzActYAxzXQI2lMtlT3PtUNHrprB-aSTF6X-55DgWrq2XTXwBIuuhiHZstotA59JyEnTM5LuMyzTq3dEmB8q15YWh5Sfuv0fFPq7r1vkmGnbSsLrRtm2ZamApaX3M3_3rQLnupkG1cnm_h9MapCAL59K2Tj2eT_HVA6tfi81gaawcOiPx_mgXz-sToJT5w
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C41 0
56 B 181ms
181ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7159951042969&version=m202309120101&ct=77&x=38&cor=17315597703132428000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:57:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9C41 42 B
108 B 299ms
298ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4vkV3IzJ550RZ9K0hjMOBFgPcx_jOCf2OIyNAlCDmYxhZBp1IvXfjSxF9DRopkgL5Z4gSa1k7w3TeVl7MkWVY9Ly5AnKuVK4Twyn89-xAZ_o&sig=Cg0ArKJSzK9x6ayxCQ0wEAE&id=lidar2&mcvt=1110&p=0,0,250,300&mtos=1110,1110,1110,1110,1110&tos=1110,0,0,0,0&v=20230927&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=32&adk=1820442031&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696251415316&rpt=4605&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Oct 2023 12:57:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 886A 0
39 B 86ms
86ms Image
text/plain 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QwHDBw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/ban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra02s19-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:57:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 video2.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 391 KB
392 KB 90ms
90ms XHR
video/mp2t 138.199.37.230

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 -, , ASN (),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:57:01 GMT
cdn-edgestorageid: 755
cdn-storageserver: DE-664
cdn-cachedat: 08/02/2023 03:56:22
cdn-pullzone: 829957
content-length: 400064
last-modified: Fri, 09 Dec 2022 05:43:17 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 86
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: cf27c853b50b9508a41de71ce09dd684
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame AAA2 156 B
351 B 296ms
277ms XHR
text/xml 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&vpa=auto&vpmute=0&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=62F94D51-05C5-4B43-A05E-F7FC4CCB5C3D&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44801604&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fban-dao-ti-zhan-wang-jia-wai-zi-zan-tong-xin-dian-biao-po-300yuan-tian-jie.html&dlt=1696251410315&idt=9327&dt=1696251421446&cookie=ID%3Dfa20ea4f4b947fe9-226b887174e400be%3AT%3D1696251412%3ART%3D1696251417%3AS%3DALNI_MZDRYc4ktLFMx_Jnt3ol2fHKwTcmQ&gpic=UID%3D00000c8a4aee29c9%3AT%3D1696251412%3ART%3D1696251412%3AS%3DALNI_MbiYfhUqktB9sCoxfRQ7TnVFnA0Yw&correlator=4055400459195111&scor=3161084133340837&ged=ve4_td11_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:57:01 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video3.ts Show response
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 320 KB
320 KB 129ms
129ms XHR
video/mp2t 138.199.37.230

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by: Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 -, , ASN (),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 12:57:01 GMT
cdn-edgestorageid: 860
cdn-storageserver: DE-576
cdn-cachedat: 07/16/2023 19:53:18
cdn-pullzone: 829957
content-length: 327308
last-modified: Fri, 09 Dec 2022 05:43:14 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 276
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: bbe641e6716c54963747430794ee8a06
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8602 0
56 B 267ms
266ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3033590059768&version=m202309120101&ct=77&x=1&cor=11929537762369071000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS