www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

URL: https://vidverto.io/?utm_source=vidverto.io_branding&&utm_medium=www.bg3.co

URL: https://pflegewegweiser.ch/lohnrechner/
Title: Pflegewegweiser

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ri=05ea6353bf91828d5257aa60f070b6cd&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&it=text&ii=~~V1~~8949878885367310941~~dfA6Jc0uqdT8hIk0PVx4Lv8dYrhjbAF5YQE1MTrtkD_noZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwbF5dAaEyAzK1rmtmiYrKux5uvauJoro326YYkoNKHLQiUg2uko8wRenrLzYt6uCb7400fuNkD8AOXIiqFXwoTNhMhrfRGxFp4J6vL_4sEcOQQmOD5A8UG6LyJMqijFljJxFtVj1S2j8Uvlszv9Rgm8&pt=text&li=rbox-t2v&sig=d14f7f30a6cd54a8fc4c4a418373da1557054bed6b8d&redir=https%3A%2F%2Fpflegewegweiser.ch%2Flohnrechner%2F%3Futm_source%3Dtaboola%26utm_medium%3DDiscovery%26utm_campaign%3D27884668%26utm_content%3D%7Bad_id%7D%26tblci%3DGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDSiGIo54-4uYPL7eqeAQ%23tblciGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDSiGIo54-4uYPL7eqeAQ&vi=1695610764769&p=taboolaaccount-sebastiangoeritzentyrede&r=16&tvi48=-48&tvi50=12238&lti=deflated&ppb=CDA&cpb=EhMyMDIzMDkyMC0yNy1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxNzE4gLSq-AFAstANSNCIEFDnktsDWP___________wFjCND__________wEQ0P__________ARgwZGMIs0YQzl8YMmRjCP4WEIogGBNkYwjXFhDVHxgjZGMI0gMQ4AYYCGRjCJYUEJgcGBhkYwj7TRD6Zhg4ZGMI7wMQpQkYCWRjCPX__________wEQ9f__________ARgLZGMI6yQQgDIYHWRjCKQnEIM1GC9kYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgBpvyb0qwx&cta=true
Title: Mehr erfahren

URL: https://2mbxk5.llsdzktnxwnnr.com/
Title: Außensauna | Gesponserte Links

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

URL: https://trck.tracking505.com/4c1d5426-1c3c-41c4-8088-da7147a422c9
Title: Containerhäuser | Gesponserte Links

URL: https://pflegewegweiser.ch/
Title: Pflegewegweiser

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ri=b5079bfee1a5775ab78df846ec46a908&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&it=text&ii=~~V1~~6122005176139597386~~cR7t8JP_LjmbV9rFTVeQb_8dYrhjbAF5YQE1MTrtkD_noZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwWZGzJ9eOGQsLr1OEUa5q2B5uvauJoro326YYkoNKHLQiUg2uko8wRenrLzYt6uCb7400fuNkD8AOXIiqFXwoTNhMhrfRGxFp4J6vL_4sEcOQQmOD5A8UG6LyJMqijFljJxFtVj1S2j8Uvlszv9Rgm8&pt=text&li=rbox-t2v&sig=9b3dfe7a733cada63b56c142f1fdd1827c2564be10bf&redir=https%3A%2F%2Fpflegewegweiser.ch%2F%3Futm_source%3Dtaboola%26utm_medium%3DDiscovery%26utm_campaign%3D27884668%26utm_content%3D%7Bad_id%7D%26tblci%3DGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDSiGIo19uMs9iW5a1a%23tblciGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDSiGIo19uMs9iW5a1a&vi=1695610764769&p=taboolaaccount-sebastiangoeritzentyrede&r=18&tvi48=-48&tvi50=12238&lti=deflated&ppb=CNcE&cpb=EhMyMDIzMDkyMC0yNy1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxNzE4gLSq-AFAstANSNCIEFDnktsDWP___________wFjCND__________wEQ0P__________ARgwZGMIs0YQzl8YMmRjCP4WEIogGBNkYwjXFhDVHxgjZGMI0gMQ4AYYCGRjCJYUEJgcGBhkYwj7TRD6Zhg4ZGMI7wMQpQkYCWRjCPX__________wEQ9f__________ARgLZGMI6yQQgDIYHWRjCKQnEIM1GC9kYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgBpvyb0qwx&cta=true
Title: Mehr erfahren

URL: https://99t10c.pzzqvpjlfkbmb.com/
Title: Fertighäuser | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ri=0161722c97ddd760acd55af9e03d5b77&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&it=text&ii=~~V1~~-8655102551711630998~~l5-3m7r05X0k60oOlri3bMOSm_HeVGS9YnVD5zHvYTx9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l15l1mVd4DmaUfz5E2bcg-kn9dx0QgIkBBd2_R8JmB7o2ym6c-n9v_EKnUJWUIcRxLSvTNpboX6l-tOOh33As62CUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=ebfe5703abf67fc169d3ce46bbc4070020165542f644&redir=https%3A%2F%2F99t10c.pzzqvpjlfkbmb.com%3Fsubid1%3D25232678%26subid2%3D3694492587%26subid3%3D1524057---delimjuwe---palmate-bg3co%26subid4%3Dtaboola-GiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDUgl8ojazXn8nwt_BQ%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DKloten%253A%2BUnverkaufte%2BFertigh%25C3%25A4user%2Bwerden%2Bfast%2Bverschenkt%26click_id%3DGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDUgl8ojazXn8nwt_BQ%26dpco%3D1%26tblci%3DGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDUgl8ojazXn8nwt_BQ%23tblciGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDUgl8ojazXn8nwt_BQ&vi=1695610764769&p=happystory-search-prefabricatedhouses-cr&r=28&tvi48=-48&tvi50=12238&lti=deflated&ppb=CC4&cpb=EhMyMDIzMDkyMC0yNy1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxNzE4gLSq-AFAstANSNCIEFDnktsDWP___________wFjCND__________wEQ0P__________ARgwZGMIs0YQzl8YMmRjCP4WEIogGBNkYwjXFhDVHxgjZGMI0gMQ4AYYCGRjCJYUEJgcGBhkYwj7TRD6Zhg4ZGMI7wMQpQkYCWRjCPX__________wEQ9f__________ARgLZGMI6yQQgDIYHWRjCKQnEIM1GC9kYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgBpvyb0qwx&cta=true
Title: Jetzt Suchen

URL: https://xgszb2.zbrjtstrclnm.com/
Title: Abandoned Houses | Gesponserte Links

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ri=0161722c97ddd760acd55af9e03d5b77&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&it=text&ii=~~V1~~2781796006523480948~~k3czYjkmhtnOMZgAi-bDxGoi0u1cJAo-Ov8cre3MjnRyNpbgedRdYuhjTdtdbeHkc727pjYrZ0dbCVZs27M8_9qMRv4AA_Pi_AZHIOldgPMudkUlToCGc3Rtl29LOvG_RdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=491f88254fa8726b9d7e9b9683044767c552ca112798&redir=https%3A%2F%2Fxgszb2.zbrjtstrclnm.com%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26subid1%3D25057335%7Cpalmate-bg3co%7C3691233993%26subid2%3D1524057%26subid3%3DKloten%253A%2BNicht%2Bverkaufte%2Bverlassene%2BH%25C3%25A4user%2Bwerden%2Bfast%2Bjedem%2Bgeschenkt%26subid4%3Dch-de-tb-pavel-abandonedhousespr-100523-all-v1%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DKloten%253A%2BNicht%2Bverkaufte%2Bverlassene%2BH%25C3%25A4user%2Bwerden%2Bfast%2Bjedem%2Bgeschenkt%26click_id%3DGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCD89Fwoju_l7_X4sLO1AQ%26dpco%3D1%26tblci%3DGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCD89Fwoju_l7_X4sLO1AQ%23tblciGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCD89Fwoju_l7_X4sLO1AQ&vi=1695610764769&p=tarzomedia-abandonedhouses-sc&r=95&tvi48=-48&tvi50=12238&lti=deflated&ppb=CC4&cpb=EhMyMDIzMDkyMC0yNy1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxNzE4gLSq-AFAstANSNCIEFDnktsDWP___________wFjCND__________wEQ0P__________ARgwZGMIs0YQzl8YMmRjCP4WEIogGBNkYwjXFhDVHxgjZGMI0gMQ4AYYCGRjCJYUEJgcGBhkYwj7TRD6Zhg4ZGMI7wMQpQkYCWRjCPX__________wEQ9f__________ARgLZGMI6yQQgDIYHWRjCKQnEIM1GC9kYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgBpvyb0qwx&cta=true
Title: Jetzt Suchen

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ri=9439738ee4ffef24eab598697e581db0&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&it=text&ii=~~V1~~8949878885367310941~~6N5vWkLzdasf04VI27_KH_8dYrhjbAF5YQE1MTrtkD_noZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwc0_HlffE-hA59OofEvQBlF5uvauJoro326YYkoNKHLQiUg2uko8wRenrLzYt6uCb7400fuNkD8AOXIiqFXwoTNhMhrfRGxFp4J6vL_4sEcOQQmOD5A8UG6LyJMqijFljJxFtVj1S2j8Uvlszv9Rgm8&pt=text&li=rbox-t2v&sig=1a9d32367e610bb7812a3a334ae25b8a96107a9da31a&redir=https%3A%2F%2Fpflegewegweiser.ch%2Flohnrechner%2F%3Futm_source%3Dtaboola%26utm_medium%3DDiscovery%26utm_campaign%3D27884668%26utm_content%3D%7Bad_id%7D%26tblci%3DGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDSiGIo9t-_3K2tn5jDAQ%23tblciGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDSiGIo9t-_3K2tn5jDAQ&vi=1695610764769&p=taboolaaccount-sebastiangoeritzentyrede&r=56&tvi48=-48&tvi50=12238&lti=deflated&ppb=CIUC&cpb=EhMyMDIzMDkyMC0yNy1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxNzE4gLSq-AFAstANSNCIEFDnktsDWP___________wFjCND__________wEQ0P__________ARgwZGMIs0YQzl8YMmRjCP4WEIogGBNkYwjXFhDVHxgjZGMI0gMQ4AYYCGRjCJYUEJgcGBhkYwj7TRD6Zhg4ZGMI7wMQpQkYCWRjCPX__________wEQ9f__________ARgLZGMI6yQQgDIYHWRjCKQnEIM1GC9kYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgBpvyb0qwx&cta=true
Title: Mehr erfahren

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ri=f3751d57a050bb930e6afc759eaeb159&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&it=text&ii=~~V1~~6122005176139597386~~g_acTnVZywE8qxIRbMqjiP8dYrhjbAF5YQE1MTrtkD_noZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwTigu41zGuNgzhjLo1uYUXp5uvauJoro326YYkoNKHLQiUg2uko8wRenrLzYt6uCb7400fuNkD8AOXIiqFXwoTNhMhrfRGxFp4J6vL_4sEcOQQmOD5A8UG6LyJMqijFljJxFtVj1S2j8Uvlszv9Rgm8&pt=text&li=rbox-t2v&sig=49150e0b88f039267ef2cb505f5e456a9c842c546f92&redir=https%3A%2F%2Fpflegewegweiser.ch%2F%3Futm_source%3Dtaboola%26utm_medium%3DDiscovery%26utm_campaign%3D27884668%26utm_content%3D%7Bad_id%7D%26tblci%3DGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDSiGIo1OP9tIKjla8l%23tblciGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDSiGIo1OP9tIKjla8l&vi=1695610764769&p=taboolaaccount-sebastiangoeritzentyrede&r=41&tvi48=-48&tvi50=12238&lti=deflated&ppb=CI8C&cpb=EhMyMDIzMDkyMC0yNy1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxNzE4gLSq-AFAstANSNCIEFDnktsDWP___________wFjCND__________wEQ0P__________ARgwZGMIs0YQzl8YMmRjCP4WEIogGBNkYwjXFhDVHxgjZGMI0gMQ4AYYCGRjCJYUEJgcGBhkYwj7TRD6Zhg4ZGMI7wMQpQkYCWRjCPX__________wEQ9f__________ARgLZGMI6yQQgDIYHWRjCKQnEIM1GC9kYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgBpvyb0qwx&cta=true
Title: Mehr erfahren

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ri=b44d821fad7ef4074a94790b0846e150&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&it=text&ii=~~V1~~8949878885367310941~~5QqWi69diTwar2gS-gQtsf8dYrhjbAF5YQE1MTrtkD_noZueAsnM0UTkqRiz-o8uV9GNaet_FWxUAZ9PPPsFwTdzhTfQ2L2ioHLY062-4JB5uvauJoro326YYkoNKHLQiUg2uko8wRenrLzYt6uCb7400fuNkD8AOXIiqFXwoTNhMhrfRGxFp4J6vL_4sEcO0DienrMXtv3R6ZWqDZ1725xFtVj1S2j8Uvlszv9Rgm8&pt=text&li=rbox-t2v&sig=190a935f86aa84081dd4d77684a0e327b2e8ca1f4b81&redir=https%3A%2F%2Fpflegewegweiser.ch%2Flohnrechner%2F%3Futm_source%3Dtaboola%26utm_medium%3DDiscovery%26utm_campaign%3D27884668%26utm_content%3D%7Bad_id%7D%26tblci%3DGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDSiGIoz4mWzcWGyMzoAQ%23tblciGiAug6xjTt5LSL6HqcLrMgAO7_AnUs_4yeTiXDAYZR6FbCDSiGIoz4mWzcWGyMzoAQ&vi=1695610764769&p=taboolaaccount-sebastiangoeritzentyrede&r=82&tvi48=-48&tvi50=12238&lti=deflated&ppb=COcE&cpb=EhMyMDIzMDkyMC0yNy1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAxNzE4gLSq-AFAstANSNCIEFDnktsDWP___________wFjCND__________wEQ0P__________ARgwZGMIs0YQzl8YMmRjCP4WEIogGBNkYwjXFhDVHxgjZGMI0gMQ4AYYCGRjCJYUEJgcGBhkYwj7TRD6Zhg4ZGMI7wMQpQkYCWRjCPX__________wEQ9f__________ARgLZGMI6yQQgDIYHWRjCKQnEIM1GC9kYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgBpvyb0qwx&cta=true
Title: Mehr erfahren

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 53

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 54

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 112

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D29feae3f-6329-482d-b673-5b59899bdfb4%26p_id%3D23 HTTP 302
https://ad.vidverto.io/delivery/v2/sync?userid=29feae3f-6329-482d-b673-5b59899bdfb4&p_id=23

Request Chain 113

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=29feae3f-6329-482d-b673-5b59899bdfb4&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-3750641340042183651 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=1487d990-9035-520c-b5a7-bd0dd0b74a82&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://ad.vidver.to/delivery/v2/sync?userid=551fb62f-77b0-4afe-8782-b7992efe91d1&p_id=15

Request Chain 138

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LMYAVCFP-J-M5A6&gdpr=0

Request Chain 139

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2402692138260763539

Request Chain 140

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=a5e2a2b1962789e9ef4084ebae4afe21&gdpr_consent=&gdpr=0

Request Chain 142

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABispHAgw9X7gjVkNsaOb_drBT0j9ibufKrQ

Request Chain 143

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=7440678421575996197

Request Chain 145

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4

Request Chain 146

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjVBOTk0OTctOTM5NC00RERBLUFENUMtQkFBQzAwREM4QzIy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECu20Q0yVPn-Ud3aXBrp8nY&google_cver=1

Request Chain 148

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-qkGupNpE2uEaAlcrlCx8kpPmm_R4LZQZow9FPz0-~A

Request Chain 150

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336725412450400&expires=30&ssp=onetag HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=&gdpr_consent=&us_privacy=

Request Chain 151

https://ad.mox.tv/delivery/sync?userid=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4&p_id=5 HTTP 301
https://ad.mox.tv/delivery/v2/sync?userid=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4&p_id=5

Request Chain 152

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMYAVC9L-W-8BLJ HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMYAVC9L-W-8BLJ HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 153

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=i-AQu_ImRjO6zXF7IVQdag&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=i-AQu_ImRjO6zXF7IVQdag

Request Chain 154

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1ZQVZDOUwtVy04QkxK HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOdH8mBJYWvCAsGsLXX92EQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1ZQVZDOUwtVy04QkxK&google_push=

Request Chain 155

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/cY4ziaoBXxmVsLQWElHnMg?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7ewjQ0VE2oIOPzUjL8HZSb0jKWVE9gFbEo8k7w--~A

Request Chain 156

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE2MTdhNjQ2ODMyYzcxZjRhYTg2OGRhNzc3YTk0NmZjYWJkMWY0ZA

Request Chain 158

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMYAVC9L-W-8BLJ

Request Chain 159

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=B5Rz_ppUR3-xOY7GSwuLag&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B5Rz_ppUR3-xOY7GSwuLag

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIblXmghjrw2yPIk_VCNOSc&google_cver=1

Request Chain 194

https://pr-bh.ybp.yahoo.com/sync/taboola/f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A

Request Chain 201

https://pr-bh.ybp.yahoo.com/sync/taboola/f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A

Request Chain 242

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGx8PYgXNauMCSgFTRyyx4E&google_cver=1

Request Chain 243

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRD3kMJnEoJxRHhJAdqIKAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGx8PYgXNauMCSgFTRyyx4E&google_cver=1

Request Chain 281

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBXKwWDAdn8pfKtM-gMEh1E&google_cver=1&google_push=AXcoOmTwHvOxQUm9fs-QY_g1mlJagQRkXKxNEZoCo9E7ExQTGE4uPhTWNaW6TuKj8LBTxb7ZSMyFdGyOd9EDFGNdkL6IL4AXslN1 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBXKwWDAdn8pfKtM-gMEh1E&google_cver=1&google_push=AXcoOmTwHvOxQUm9fs-QY_g1mlJagQRkXKxNEZoCo9E7ExQTGE4uPhTWNaW6TuKj8LBTxb7ZSMyFdGyOd9EDFGNdkL6IL4AXslN1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ5OTk3NzMxNzU0NTE0MjM5NA&google_push=AXcoOmTwHvOxQUm9fs-QY_g1mlJagQRkXKxNEZoCo9E7ExQTGE4uPhTWNaW6TuKj8LBTxb7ZSMyFdGyOd9EDFGNdkL6IL4AXslN1

Request Chain 282

https://ads.yieldmo.com/exptsync?google_gid=CAESEAh6VjOW2O-IKKMZhjLcI1o&google_cver=1&google_push=AXcoOmS9aojiNKsXqfd_2nVG-0N0kwU9Kr2WgzR3BS5hgftyTpLLPESEHP-GzPKH0P6WDhIKWcLS94pOVHOFpcehUB990CFqMecfnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS9aojiNKsXqfd_2nVG-0N0kwU9Kr2WgzR3BS5hgftyTpLLPESEHP-GzPKH0P6WDhIKWcLS94pOVHOFpcehUB990CFqMecfnA&google_hm=M1J4U1FWVjg4MFZTMVphTW9WdHM=

Request Chain 283

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPWNdh2F3rAn8ODCdGedZfA&google_cver=1&google_push=AXcoOmTpVHlr9M6Tckv7-Pwoy9HczMebTQkbmdF-kNRgdPSbM8a74f7VPISs6yxG0vRDSbxkYEIJXjUBcnUapMPXiEdbZnrFYTT3xg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTpVHlr9M6Tckv7-Pwoy9HczMebTQkbmdF-kNRgdPSbM8a74f7VPISs6yxG0vRDSbxkYEIJXjUBcnUapMPXiEdbZnrFYTT3xg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1695610770558 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTpVHlr9M6Tckv7-Pwoy9HczMebTQkbmdF-kNRgdPSbM8a74f7VPISs6yxG0vRDSbxkYEIJXjUBcnUapMPXiEdbZnrFYTT3xg%26google_hm%3DA7O3AzsJw0SDsDXFs9_Jq1k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTpVHlr9M6Tckv7-Pwoy9HczMebTQkbmdF-kNRgdPSbM8a74f7VPISs6yxG0vRDSbxkYEIJXjUBcnUapMPXiEdbZnrFYTT3xg&google_hm=A7O3AzsJw0SDsDXFs9_Jq1k

Request Chain 285

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEIISrObqOIHe1433Zd1di44&google_cver=1&google_push=AXcoOmQRfPh7M0DYTJlagsd3CBCwF5DB2fNmihPDU340_cQSlumyRDwSIo8nwk6gqb3Ii4PMR2hVo9s4dGRqY5o7pyhf7qi-TLDGyw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQRfPh7M0DYTJlagsd3CBCwF5DB2fNmihPDU340_cQSlumyRDwSIo8nwk6gqb3Ii4PMR2hVo9s4dGRqY5o7pyhf7qi-TLDGyw&google_hm=NTE0MjMzNjcyNTQxMjQ1MDQwMA==

Request Chain 286

https://trace.mediago.io/cs/google?google_gid=CAESEFk1uHxWUH-V4Tl81hhz9Mk&google_cver=1&google_push=AXcoOmT0J65KG-pp5lnq6O5WbENIra-lXvQPDeaTP2rTWlrKYq6VcH7gqKFXl67UGgwktZRQ9xbvCm_rUjlYgnJ7Jkh3uCUrrgPU-mI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT0J65KG-pp5lnq6O5WbENIra-lXvQPDeaTP2rTWlrKYq6VcH7gqKFXl67UGgwktZRQ9xbvCm_rUjlYgnJ7Jkh3uCUrrgPU-mI&google_hm=f34e9699b96dc12c16kdxa00lmyavgcf

Request Chain 289

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAeJgmpJteHu9WHMI8Ilk4k&google_cver=1&google_push=AXcoOmQ3t6FdY-ccec76yYe-q2q1DH5H3ZYBo6DrkxThhAQYDAdqLbRLl8JXKKNkvUkXKNXyzeiHcCpQBvqlLCIFp78-M6tlSao&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ3t6FdY-ccec76yYe-q2q1DH5H3ZYBo6DrkxThhAQYDAdqLbRLl8JXKKNkvUkXKNXyzeiHcCpQBvqlLCIFp78-M6tlSao%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAeJgmpJteHu9WHMI8Ilk4k&google_cver=1&google_push=AXcoOmQ3t6FdY-ccec76yYe-q2q1DH5H3ZYBo6DrkxThhAQYDAdqLbRLl8JXKKNkvUkXKNXyzeiHcCpQBvqlLCIFp78-M6tlSao&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ3t6FdY-ccec76yYe-q2q1DH5H3ZYBo6DrkxThhAQYDAdqLbRLl8JXKKNkvUkXKNXyzeiHcCpQBvqlLCIFp78-M6tlSao%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 290

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENBRstC-JOjmR6NPBXXhmCA&google_cver=1&google_push=AXcoOmSVUSU4vx1S6qDxPPGSSANhGVNWtp8v4aDbrNt-Sx-8YB8jXs36LHTwTB_HmHNJkmXFXi6STJSqDaHseuGF8bLpdnzneMw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=J0XTRd__XixJf2QPcFUibx8KmgA&google_push=AXcoOmSVUSU4vx1S6qDxPPGSSANhGVNWtp8v4aDbrNt-Sx-8YB8jXs36LHTwTB_HmHNJkmXFXi6STJSqDaHseuGF8bLpdnzneMw

Request Chain 291

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENgvd4o93HkOtxLSeRD41Co&google_cver=1&google_push=AXcoOmQ60_PlDYy0qh9rmTCbbcABr7011WFePBdYjHI5MbIywGlG9tPlFtfkLKLfwVVMP6qvHpHHRLEo7-a2vaoyZbYQvheSnw HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENgvd4o93HkOtxLSeRD41Co&google_cver=1&google_push=AXcoOmQ60_PlDYy0qh9rmTCbbcABr7011WFePBdYjHI5MbIywGlG9tPlFtfkLKLfwVVMP6qvHpHHRLEo7-a2vaoyZbYQvheSnw&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ60_PlDYy0qh9rmTCbbcABr7011WFePBdYjHI5MbIywGlG9tPlFtfkLKLfwVVMP6qvHpHHRLEo7-a2vaoyZbYQvheSnw&google_hm=HYMTuGZHaiMADsI2QaO2ipHr

Request Chain 292

https://match.360yield.com/match/ebda?google_gid=CAESEEFr4MyUKgQnRnnGPsyBSqY&google_cver=1&google_push=AXcoOmQksCpL2wXEETaSrw1JeOc4C4SCyW_UU4h3FCaAy46-MplApLQrcgMAmUFIV45aJ_b7JBCnIi9dse0Gcl2lKj-ayvL8-Z4 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEFr4MyUKgQnRnnGPsyBSqY&google_cver=1&google_push=AXcoOmQksCpL2wXEETaSrw1JeOc4C4SCyW_UU4h3FCaAy46-MplApLQrcgMAmUFIV45aJ_b7JBCnIi9dse0Gcl2lKj-ayvL8-Z4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=LJk9_HevS06Ec1mPTOpbmA&google_push=AXcoOmQksCpL2wXEETaSrw1JeOc4C4SCyW_UU4h3FCaAy46-MplApLQrcgMAmUFIV45aJ_b7JBCnIi9dse0Gcl2lKj-ayvL8-Z4

Request Chain 293

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGRqpDwKP_VCa_LWk4AEM0s&google_cver=1&google_push=AXcoOmTZpJ1Kp5qwxvrYoKXgzKvszv-dcNJ_hV7BXxCdM02yegCeyO4RthvUyQiX20oGmhF2dgluQwECcLUKblpEitXq2_zfcEE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTZpJ1Kp5qwxvrYoKXgzKvszv-dcNJ_hV7BXxCdM02yegCeyO4RthvUyQiX20oGmhF2dgluQwECcLUKblpEitXq2_zfcEE&google_hm=NzQ0MDY3ODQyMTU3NTk5NjE5Nw%3D%3D

Request Chain 298

https://pr-bh.ybp.yahoo.com/sync/taboola/f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c?gdpr=1&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A

Request Chain 318

https://adpushup-d.openx.net/w/1.0/pd HTTP 302
https://adpushup-d.openx.net/w/1.0/pd?cc=1

Request Chain 330

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=7c94d72bddeadabef6f29337a85b1e89&gdpr_consent=&gdpr=1

Request Chain 333

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=56KTO82G-CI38xCl5Av2VJwsdFGys_jDZcj1Z53aBaE

Request Chain 367

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 372

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=2402692138260763539

Request Chain 373

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=HYMTtRZHyiPEYDqCSXSgwWub

Request Chain 375

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1884165914 HTTP 302
https://sync.1rx.io/usersync/turn/4547393657392022718?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003

Request Chain 376

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5142336725412450400

Request Chain 377

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=332&uid=23f56c3e-d13e-4301-b082-5fd3a3a02fa1

Request Chain 378

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 379

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-nRhhFkFE2uGTVFVp_VtV6xUtP2Q4hqw15joCJik-~A

Request Chain 380

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-6a5d7b32-c3c3-3424-980f-08c533c07c5a&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid1YS02YTVkN2IzMi1jM2MzLTM0MjQtOTgwZi0wOGM1MzNjMDdjNWEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS02YTVkN2IzMi1jM2MzLTM0MjQtOTgwZi0wOGM1MzNjMDdjNWEyAiIOOAE=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 381

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-nRhhFkFE2uGTVFVp_VtV6xUtP2Q4hqw15joCJik-~A

Request Chain 383

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 384

https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D HTTP 302
https://ads.servenobid.com/sync?pid=328&uid=b56acbd1-293c-4175-be1a-49671cbc756f

Request Chain 385

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1 HTTP 303
https://pixel.advertising.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 302
https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-eP5kfbVE2uGBWZpHjJQIndhJcmWY821H~A&gdpr=0

Request Chain 386

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=6832053206 HTTP 302
https://sync.1rx.io/usersync/turn/4331220875278238910?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003

Request Chain 389

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHB5fSIgGaaWIe-e1rW8WbA&google_cver=1

Request Chain 391

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4475336063354094782

Request Chain 392

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZRD3lQAPrNQWvABV HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRD3lQAPrNQWvABV&_test=ZRD3lQAPrNQWvABV

Request Chain 393

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292 HTTP 302
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292&tc=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=qvB4xjaFtE6Ov6BSLpEa&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292&tc=1

Request Chain 394

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1859536638041122564&expiration=1696820382

Request Chain 396

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=G28nyEttL8kAbCPLTjk7nh9rIMEAa3SZHGiuUglD

Request Chain 397

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1112457790386557703

Request Chain 401

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDgMB_I9FP8B-VjEnVKZGJ0&google_cver=1

Request Chain 402

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/1487d990-9035-520c-b5a7-bd0dd0b74a82

Request Chain 408

https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/18331f8f99e3314a4ce5cdb2938c95bc5b8a576bb3067c2cd437fb541470db27

Request Chain 410

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2402692138260763539

Request Chain 411

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADf-k7KIe8AABloTdCZzw&expiration=1696820373

Request Chain 412

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB

Request Chain 415

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 417

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZRD3kMJnEoJxRHhJAdqIKAAA%263292?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRD3kMJnEoJxRHhJAdqIKAAA%263292

Request Chain 424

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/9c68341e9e990e5911371bbc8a77a6?gdpr_consent=&gdpr=0

Request Chain 427

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID} HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smartyads/13286729b3c841216d3917a33841b1986a6d522a295235b8e39d6f50a1170714

Request Chain 438

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZRD3lQAPrHgWAQBV HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZRD3lQAPrHgWAQBV&gdpr=0&gdpr_consent=&_test=ZRD3lQAPrHgWAQBV

Request Chain 441

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7440678421575996197&gdpr=0&gdpr_consent=

Request Chain 445

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
https://cs.yellowblue.io/cs?aid=11601&id=6e2735dae60a74e1aeae326bd91328&gdpr_consent=&gdpr=0

Request Chain 446

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBOYzNerjDlD9g39KJ47Lzs&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Request Chain 455

https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4170617855687717620217

Request Chain 456

https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292

Request Chain 458

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0

Request Chain 459

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=8e976b46-a766-0a5d-2082-39284e4766f2

Request Chain 460

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=fb478d3faef3420272743e96d0e11a7f

Request Chain 461

https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBOYzNerjDlD9g39KJ47Lzs&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Request Chain 464

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=2402692138260763539

Request Chain 465

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_8131dfe4-8060-4938-8e59-0e151c51c90e&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

Request Chain 466

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28nBImKQrAaq93S8fSitS0aVs-mm6AJCbG9x3pkT901mOHD1BGmLRoz4mBflPcqBjT%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28nBImKQrAaq93S8fSitS0aVs-mm6AJCbG9x3pkT901mOHD1BGmLRoz4mBflPcqBjT%29%26gdpr%3D0

Request Chain 467

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=e0f32d32-f0e1-0d5f-3f61-3032c614ed51

Request Chain 468

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-2745d345-dfff-5e2c-497f-640f7055226f$ip$31.10.154.0

Request Chain 469

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-GbL0NslE2pdyoKoWIQ5SkTOqyxJfF8s1Z6fS~A

Request Chain 472

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_8131dfe4-8060-4938-8e59-0e151c51c90e&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=Tfup69UWsbAyxebn7ZN6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VDGOVYDMOKVK5ZWEQLZPBSWE3RXLJHDMJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VDGOVYDMOKVK5ZWEQLZPBSWE3RXLJHDMJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Tfup69UWsbAyxebn7ZN6&us_privacy=1---

Request Chain 473

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=2c993dfc-77af-4b4e-8473-598f4cea5b98

Request Chain 475

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=7440678421575996197

Request Chain 477

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT] HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=1859536638041122564&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D

Request Chain 478

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZRD3lQAPrNQWvABV&gdpr=0&gdpr_consent=

Request Chain 482

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZRD3lsCo5swAAFKbqPwAAAAA

Request Chain 484

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=uV9seuszjORJRcEc953s&pi=gumgum&tc=1

Request Chain 485

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 491

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMYAVC9L-W-8BLJ HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=LMYAVC9L-W-8BLJ

Request Chain 520

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CJS-z1iWts4Tl7rMXcKimQyQucYTkO2eD5MWmJzJ HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

Request Chain 521

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2402692138260763539&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

Request Chain 523

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=J0XTRd__XixJf2QPcFUibx8KmgA&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 525

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZi1rN0tJZThBQUJsb1RkQ1p6dw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AADf-k7KIe8AABloTdCZzw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7440678421575996197&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AADf-k7KIe8AABloTdCZzw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7440678421575996197%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0

Request Chain 526

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 530

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725412450400 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

Request Chain 537

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JamUl5OUTdqtXLqsANyMIg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 541

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBOYzNerjDlD9g39KJ47Lzs&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 543

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1859536638041122564 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 545

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=25A99497-9394-4DDA-AD5C-BAAC00DC8C22&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-F53eG.NE2uU3dhCxXZmBH1mFykN2XB8-~A&gdpr=0

Request Chain 547

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=da0563dd-315a-41fc-8028-808cd3770a70&ssp=pubmatic&expires=30&user_group=5&bsw_param=551fb62f-77b0-4afe-8782-b7992efe91d1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 550

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4547393657392022718&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 556

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CJS-z1iWts4Tl7rMXcKimQyQucYTkO2eD5MWmJzJ HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

Request Chain 557

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2402692138260763539&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

Request Chain 562

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 566

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725412450400 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 581

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8884157880

Request Chain 582

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:4F36AC0023DD4395B979C7EDFA7C199E&gdpr=0&gdpr_consent=

Request Chain 585

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=25A99497-9394-4DDA-AD5C-BAAC00DC8C22&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=25A99497-9394-4DDA-AD5C-BAAC00DC8C22&sInitiator=external&gdpr=0&gdpr_consent=

581 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html Show response
www.bg3.co/a/ 51 KB
13 KB 1620ms
644ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0420e38398e9bec7634da0752b31e2bffb33fca3c34392d34fe24bc96f4cd4fd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 25 Sep 2023 02:59:21 GMT
etag: "cc7c-ucwVNAKkZwAHn6uIr6XW3kNHrNU"
expires: Mon, 25 Sep 2023 03:00:21 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 664ms
189ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 02:59:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73017
x-xss-protection: 0
server: sffe
etag: "1fbcd51b50b3cf51"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 25 Sep 2023 02:59:21 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 618ms
145ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30bdf82816190e65c8c6c0fd833cc4f21dd641eb6311a467d2ba48c84882d400

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 25 Sep 2023 02:59:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9641
x-xss-protection: 0
server: sffe
etag: "c9c47f39b31037df"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 25 Sep 2023 02:59:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 611ms
146ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efc68b606076d0f75f2ed12cec668aae7f617e50bedb5cb5bf1b7cff884cfada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29325
x-xss-protection: 0
server: cafe
etag: 173 / 19625 / 31078106 / config-hash: 1630024442603502270
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 683ms
128ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b9be3f87346f51a3e629381b50ce08882102c07be3c749f65c29098d52d05191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Sep 2023 02:59:21 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 583ms
93ms Script
application/javascript 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 14:07:57 GMT
server: cloudflare
age: 739
etag: W/"650d9fbd-a067"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 80c002bcdbc5bae8-MXP
expires: Mon, 25 Sep 2023 14:47:02 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

583ms
116ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Server: 104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11575
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORLZa9hS9kxEmAlpr%2BOPZcapO2V6T90v29CqD5aOOIlu4Irng1h6czSuS%2BdfhkR2TG67zvcHxnVAw3vju1o%2BeBqDx7dGppzD5Ux5ofcEV9zuw1bIHgzJH2nQsKRfyVXY%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 80c002c32d170e2b-MXP

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 1599ms
486ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e5418455c8aeb00641fe667756925987132c1054275a3d2065399105691fb277

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Mon, 25 Sep 2023 03:59:22 GMT
date: Mon, 25 Sep 2023 02:59:50 GMT
content-encoding: br
x-ap-device: DESKTOP
last-modified: Sun, 24 Sep 2023 07:00:54 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
x-client-device: desktop
x-client-geo: CH

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 680 KB
142 KB 853ms
181ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC5) /
Resource Hash: 53d09a5c34ca45cdcb5dbc82d2bda9d99108b62e80eabea6327489155dc89a4d

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Mon, 25 Sep 2023 02:59:21 GMT
content-encoding: br
age: 219170
x-cache: HIT
x-client-device: desktop
content-length: 145165
x-ap-device: DESKTOP
last-modified: Fri, 22 Sep 2023 11:42:53 GMT
server: ECAcc (frc/4CC5)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: CH
accept-ranges: bytes
expires: Mon, 25 Sep 2023 03:59:21 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 562 KB
54 KB 655ms
377ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 791bf692441e56ace35fea8f1af437dd2e8b0fb2396ca210d06239a82992232d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4x0Q5zGRPep6Lm1xQ5_zJwb1K3F40dRP
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:22 GMT
x-amz-request-id: 24ADRW5S1RX2ZM10
age: 22
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 55285
x-amz-id-2: x/wWSIciafM3GbTvuaTHHtHpfisRiRQ47gfqAytqEMGv7eeynLu+OEfN6fUn4824WqzqnpdEJ4E=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Wed, 20 Sep 2023 13:51:46 GMT
server: AmazonS3
x-timer: S1695610762.407045,VS0,VE1
etag: "f8d2b56ff7463e32264cba3a305d761d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
591 B 272ms
263ms XHR
application/json 104.20.218.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12918656&u1=B2215117A4DC4FF3B0391AD22460E2BB&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&t=%E8%87%BA%E7%A9%8D%E9%9B%BB%E5%9F%BA%E9%87%91%E6%9C%83%E6%8D%90%E8%B4%88%E4%B8%AD%E5%9C%8B%E9%99%84%E9%86%AB%E3%80%8C%E9%9B%B6%E6%8E%A5%E8%A7%B8%E9%98%B2%E7%96%AB%E6%8E%A1%E6%AA%A2%E7%AB%99%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2229&sc_rum_e_e=2233&sc_rum_f_s=0&sc_rum_f_e=2227&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.218.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 80c002bddc6fbae8-MXP
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET 8f18601a6973a307cc76d8f11fc82c39.jpg
static.bg3.co/imgs/202309/ 0
0

GET 787572e898760377f5316fae654aea70.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8df785cc36ce98538e92ec911e8a7c27.jpg
static.bg3.co/imgs/202106/ 0
0

GET 87b633b7df662e5384ceb5e0118c51d3.jpg
static.bg3.co/imgs/202106/ 0
0

GET c8a4f4a190190333590f6b0b4481e874.jpg
static.bg3.co/imgs/202309/ 0
0

GET 3dc6cb9f50fc82ac29cf6e81ce2dca82.jpg
static.bg3.co/imgs/202105/ 0
0

GET 63cc6b814c2d5a39001586e33039a0ed.jpg
static.bg3.co/imgs/202105/ 0
0

GET 6973e8ee6043307890768b8136f285fd.jpg
static.bg3.co/imgs/202105/ 0
0

GET c4cd5d9a16ce75f5d4fda0804433b462.jpg
static.bg3.co/imgs/202105/ 0
0

GET 01afcefcae4680751c1f3fdf4e093049.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7c5fcd2636207c84204895729a87ca7f.jpg
static.bg3.co/imgs/202106/ 0
0

GET 6267df9ac31e777334b96c34ea038059.jpg
static.bg3.co/imgs/202309/ 0
0

GET 3b848bb353da5fe420d4fb85ef292cea.jpg
static.bg3.co/imgs/202105/ 0
0

GET 63b14f865f0d414ec61fe86ae67b0b81.jpg
static.bg3.co/imgs/202106/ 0
0

GET d316cbe4ecab24a85aa40eedc2ee5e47.jpg
static.bg3.co/imgs/202105/ 0
0

GET de22133f5e8a562676c792c35908a5c8.jpg
static.bg3.co/imgs/202107/ 0
0

GET c4612ea38a23ab347dad6502017ce8ec.jpg
static.bg3.co/imgs/202105/ 0
0

GET b41a343d968e2d4b81ca36d68cec4c54.jpg
static.bg3.co/imgs/202107/ 0
0

GET 20a7256b63b6ffca6f3a3f2439fc0332.jpg
static.bg3.co/imgs/202106/ 0
0

GET a51d1efa0c24421d0b1a271bb35e9f13.jpg
static.bg3.co/imgs/202107/ 0
0

GET f7f7cd27c91f9f4af4a5abd1f18cdba2.jpg
static.bg3.co/imgs/202309/ 0
0

GET e2439c3f55c68e901474e04b5a876c69.jpg
static.bg3.co/imgs/202106/ 0
0

GET 1e9cec16cd4eab57d940df2ef3f3710a.jpg
static.bg3.co/imgs/202105/ 0
0

GET 83fd2ff9cc75c03e06ad199f0ca5becc.jpg
static.bg3.co/imgs/202106/ 0
0

GET 2ec656d927fdcfc754db5a9b7151d6ec.jpg
static.bg3.co/imgs/202309/ 0
0

GET ba0834a57395b5f568371a7d30485f3a.jpg
static.bg3.co/imgs/202110/ 0
0

GET 60715dce73f2b3ebe7354388fbc4fd63.jpg
static.bg3.co/imgs/202106/ 0
0

GET 44e0c20189a89472ce2ae2c91a68236a.jpg
static.bg3.co/imgs/202105/ 0
0

GET 011296f3454aed93d75e787f8d7e7e76.jpg
static.bg3.co/imgs/202107/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012309082229000/v0/ 8 KB
4 KB 657ms
104ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309082229000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

620ffdaa666bbf15e58038ef061ba78acbf5729c714fa3e991c025089009c23c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 19:01:43 GMT
age: 460661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "a25d3dc3efab77a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 19:01:43 GMT

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012309082229000/v0/ 12 KB
4 KB 324ms
108ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309082229000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d24d38cbc44ff8e2821d5172b11409ce6c6c0485fd3a3c2ea56c679a6aaa61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 19:01:43 GMT
age: 460661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3934
x-xss-protection: 0
server: sffe
etag: "178fe5d904a50e55"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 19:01:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 530ms
103ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je39k2&_p=983468293&cid=812447560.1695610762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695610762&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&dt=%E8%87%BA%E7%A9%8D%E9%9B%BB%E5%9F%BA%E9%87%91%E6%9C%83%E6%8D%90%E8%B4%88%E4%B8%AD%E5%9C%8B%E9%99%84%E9%86%AB%E3%80%8C%E9%9B%B6%E6%8E%A5%E8%A7%B8%E9%98%B2%E7%96%AB%E6%8E%A1%E6%AA%A2%E7%AB%99%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/ 409 KB
129 KB 260ms
257ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078106

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34ec03e16ba423f27b2db224a2d1ae09f27c349fb245c1407ac87808ccbe5679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53709
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131874
x-xss-protection: 0
server: cafe
etag: 11000565836845060056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 23 Sep 2024 12:04:15 GMT

GET
H2 200 impl.20230920-27-RELEASE.js Show response
cdn.taboola.com/libtrc/ 810 KB
168 KB 260ms
258ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5c413de57e629fbba188d440b4d7e5f2e4458ce3be46973223d8b44caf071f52

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: intVab2PW6P1rT.KvLfvGQN_lPLSTonz
content-encoding: br
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:24 GMT
x-amz-request-id: VR5TS1XX20SFRR21
age: 20309
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 171478
x-amz-id-2: xsayEOAeWyvpN/OPuTs8oTZaORzgXpB2f3g+HtuYOORn/1yEGBho7eMU3hygtG2gmTwSEyxBlCQ=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Wed, 20 Sep 2023 13:19:18 GMT
server: AmazonS3-br
x-timer: S1695610765.626946,VS0,VE0
etag: "d21d0fc11919906291c7af244ef87480"
vary: Accept-Encoding
content-type: application/javascript
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 15320

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
617 B 161ms
160ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9577
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQVuvoS7CHuWeAzd4lmv7gFFZm1kUzO9FN7sUvYFQWboRLCslsEXYeWZ10IbuVzb8%2BKhgfY3IPJbNK6LcUrr8mlKtpWhbEz3UBO50fHIlJZ3Yjn2%2FiCk8jhtweLuNE%2BvxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 80c002c46d580e2b-MXP

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 1923ms
1284ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 9053e82e3d08904e9fbdd4d6a00e243d14fe888fd829be0545a8109e0037aebd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:23 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 876ms
445ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.16316403590667816&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:23 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 564

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
30 KB 530ms
89ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 810134
x-cache: HIT, HIT
content-length: 29880
x-served-by: cache-lga21979-LGA, cache-fra-eddf8230124-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1695610765.231088,VS0,VE0
etag: W/"28feccc0-14e98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 44, 15487

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 6243 18 KB
8 KB 1023ms
464ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe061dba891ad749f8c38c80ef61ee6740bd36e4517673dcc8a9e6823c96d153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7885
x-xss-protection: 0
server: cafe
etag: 9588266032539184366
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:24 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 526ms
90ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 372665
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230124-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1695610765.231076,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 11, 331762

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
303 B 566ms
95ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 235469
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 40 KB
9 KB 395ms
389ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=04%3A59%3A24.772&lti=deflated&data=%7B%22id%22%3A90%2C%22ii%22%3A%22%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1695217899936%2C%22vi%22%3A1695610764769%2C%22cv%22%3A%2220230920-27-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html%22%2C%22vpi%22%3A%22%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3927%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3806.609375%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 404e6c4847f15a95f1974a4ee10928ddd75abb3d7cd53659cd39a1dfc9637323

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 330
date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.31875000000000003
x-fastly-to-nlb-rtt: 61618
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230116-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1695610765.792939,VS0,VE330
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 4A3D 714 B
616 B 52ms
52ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 8863
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 80c002cfffb60e2b-MXP
content-encoding: br
content-type: text/html
date: Mon, 25 Sep 2023 02:59:24 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpX3Jlflh0kGF4OieUTKtO2%2BOEulePKJjM1tx%2BJkcPsSiPaYmLi30v2PQL70DXhkM3sezNSjEwkRDEP%2FO0oqbnhDrP6S54xukohtFjMNGHTAdw%2BR1z%2FXcTfqq8zkX34szQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8A42
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

209ms
53ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Sep 2023 02:59:25 GMT
ETag: "40011-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 25 Sep 2023 02:59:25 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
265 B

250ms
121ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date: Mon, 25 Sep 2023 02:59:25 GMT
Connection: close
Content-Length: 111
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 107ms
106ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2400899875037051&correlator=1306000323241837&eid=31078106%2C31077899&output=ldjh&gdfp_req=1&vrg=202309200101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695610764822&lmt=1695603564&adxs=220&adys=454&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=812447560.1695610762&ga_sid=1695610765&ga_hid=983468293&ga_fc=true&dlt=1695610761195&idt=3602&adks=2226185566&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e549a49ee349844d586db99915f372e25807878cbbe9c04b2df0e980fce1111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12518
x-xss-protection: 0
google-lineitem-id: 6344488284
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440076868
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4601 6 KB
3 KB 561ms
93ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:59:25 GMT
expires: Tue, 24 Sep 2024 02:59:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6243 145 KB
50 KB 101ms
100ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df0df2b2e8b2381fe8f8bddf57d926fe387380ca2ffd35a7a03adf08a36f18e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50721
x-xss-protection: 0
server: cafe
etag: 17885166063079821419
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4A3D 98 KB
29 KB 115ms
115ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79f5ebd8b11037a2dcffd4ea59637afc619a780942f992347aa94fce5917c4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29347
x-xss-protection: 0
server: cafe
etag: 432 / 19625 / 31078131 / config-hash: 1630024442603502270
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A587 0
0 152ms
152ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuiEwmyk79V8zGkDF4sq4ziHU6hnhuoAFBzMsHdsDeLnWPZZvkCztgmQzWs8V6_LUSZVoNQ0M_uwyW5_JAdnadzpgdf_MndLZSLjVmYiMmQK6FT9_qtQK_SS6PjWFEHNGPO9gm6V2CEjrvJllL2ApeCLvWeHngCyat05Qyvnkk5soI2DMwG1mqXoL07-hrE5jynBq30MJUxLiwmab7TT5jX-iggziP3W_8MkstLBlLLF4FMeFLryg7UfGKdMkQ7cTlLADNyyf49MW8tdZNtiLwlTaDfSorubtfhUOvTHR1viaHzVD5myoBpaq5NaQ7oQmcBQ&sai=AMfl-YTDBIP0xKkMbvrjz_-x_-2U6ijAx4QPnHR62K-1ZSXBngdVDCmWiL5sUf7M1l-0MGC7Ahg_onNm0O3yXdDjIcl6G7W53kqRdbZ5x-0lMyCDpjDV-J2Q_7MTf_AV4BgR4RcEgMCQtfJIs_CFffY&sig=Cg0ArKJSzIGEF8uymI5aEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 02:59:25 GMT

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 26 KB
8 KB 288ms
77ms Script
application/javascript 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 14:03:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64df7a1a-66bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 25 Sep 2023 03:59:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A587 182 KB
57 KB 504ms
76ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:25 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210203/ Frame 4A3D 410 KB
129 KB 100ms
100ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210203/pubads_impl.js?cb=31078131

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f8385a32456868e5011ef7af0cd073451d45efa2771adc8a6a22374ddcb9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 15:29:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41395
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132169
x-xss-protection: 0
server: cafe
etag: 13153470105769340090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 23 Sep 2024 15:29:30 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4A3D 492 B
337 B 86ms
86ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2182909465403234&correlator=2545531851545607&eid=31077365%2C31078131%2C31077231&output=ldjh&gdfp_req=1&vrg=202309210203&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1695610765174&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ducbb31w3uc4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMyzY6uN2_SWvKZyj2FpzkZOvLY3I1PCyGywPZCtf3RSLJvsWha4HDRZlKBIHrZ3gWJHX61NKzjPB4s-xwczy3urDdtyLCvL61rtmy6f9_zSd3WQku0HF-oakeL5niQ0-4DMV4ftWzHRYpBUQQ6H9N6-m8m33EX0OUV04xI27BwdDK36MOkSDfhHJOazfe6&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1468896268.1695610765&ga_sid=1695610765&ga_hid=1914107696&ga_fc=false&dlt=1695610764846&idt=305&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210203/pubads_impl.js?cb=31078131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de024dce8f45216724a8722ded26957a1cc3b4fc71eebf80a00c02cb1a579165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4A3D 16 KB
12 KB 495ms
67ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309210203&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210203/pubads_impl.js?cb=31078131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c2d968c01e5238bcb94c457fbd29273305fcc5630770a89cb214eb9c0d98f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12057
x-xss-protection: 0

GET
H2 200 container.html Show response
c326395f696dc9d3e4b76270f1887a8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D8C 6 KB
3 KB 326ms
75ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c326395f696dc9d3e4b76270f1887a8b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210203/pubads_impl.js?cb=31078131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:59:25 GMT
expires: Tue, 24 Sep 2024 02:59:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 floating-unit.20230920-27-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 65ms
64ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230920-27-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74cff7bc2632d11ec87acda8874c2fd0372cfb64fa857dd1e30a7c4c2801e178

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Flb3xkM39mmTl7J4Dv_LTbTQwH9zSKql
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:25 GMT
x-amz-request-id: 5YKPVYSQTQCZ70HA
age: 56973
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: q7+RBGtQ7KRwo9RU2c99/fb+zXP/9Bi22GTQBaaRvRv6x6m3p55wRFlhnZBnhbxupYb2aZVrOpI=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 24 Sep 2023 11:09:52 GMT
server: AmazonS3
x-timer: S1695610765.331982,VS0,VE0
etag: "a0ef1e98322146514277b00d3afd92f4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 34
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 9176

GET
H2 200 taboola-vignette-new-scanning.20230920-27-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 67ms
66ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230920-27-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a697f509eadb62f8477552564e5e8249b4b4b0550bdde73024c9dde02c285c3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: teblNm3n7JIrwGdDRm1p7bj3MIgbZPPp
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:25 GMT
x-amz-request-id: FSCWFT0349RQH99N
age: 56917
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8020
x-amz-id-2: /DcawDfgMh+DYKzVZvcql+RyM4KkhQIxsAER4MIwnaUscNFMqynJNZfWyhwUXmIVZdRPMIDxbnY=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 24 Sep 2023 11:10:48 GMT
server: AmazonS3
x-timer: S1695610765.331946,VS0,VE0
etag: "3f6c2208c05214db78373766a4f9b69a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 6755

GET
H2 200 distance-from-article.20230920-27-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 55ms
55ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230920-27-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc7692cec5b5fb398b7cb99760f39071969c674103018e07221fbb0046227ce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ifOrb.YEh.P6X8jC9QHr4IOozSnpA5Cq
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:25 GMT
x-amz-request-id: J4YQ4MTGKE2YVCSX
age: 57006
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: /OgxPvT8gFXRa0RHLIQa/GVMV+glGJyPrcCwk6nVPqel66OvqteRGXTuRGXE0FUWoTXRgg1LIZo=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 24 Sep 2023 11:09:20 GMT
server: AmazonS3
x-timer: S1695610765.449809,VS0,VE0
etag: "5362edb5947d6818277e58444aa13c42"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 89421

GET
H2 200 article-detection.20230920-27-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 75ms
75ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230920-27-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecedae9d9bd8da80442389273ce409f31a27829736bbc659b5aa9d5fd1089495

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rSjQMCzFAzPym4J07POeQy8C379nAmT_
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:25 GMT
x-amz-request-id: XB294NJZXJZP0V7A
age: 57025
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1293
x-amz-id-2: hOpdc9UrlK4GWGCkg93UUKPV62mFYQpqU3kXgomj0IJwSccXr8AOE0RK4oqdRl5ko1q0qnxlBhA=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 24 Sep 2023 11:09:00 GMT
server: AmazonS3
x-timer: S1695610765.473331,VS0,VE0
etag: "68d9b1749f8cf3b949b9a0d0afb3d085"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 58
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 89501

GET
H2 200 tb Show response
15.taboola.com/ 30 KB
9 KB 91ms
78ms XHR
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=palmate-bg3co&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Feed&uuip=Feed%20-%20Below%20Article%20Feed&cisrf=&cirf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&encoded=1&uid=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1695610765212&tagid=&cntry=CH&platform=1&sesid=97c94e1d9a123a1691fed8f3393d699b&itemid=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&viewid=1695610764769&geolat=&geoing=&deviceifa=&appid=&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ri=05ea6353bf91828d5257aa60f070b6cd&appname=&cdb=&gdprApplies=true&rid=&sii=&oee=true&tpubid=1524057&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=ZH&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1231993&prcnt=&layer=&normp=1&gvv=12238
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b5f3c6683f0583811f38e9a5688eeff1b6adefc487d22e69fb04b6300840c0c4

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1442
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-fra-eddf8230116-FRA
pragma: no-cache
server: nginx
x-timer: S1695610765.243807,VS0,VE23
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20230920-27-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 70ms
69ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230920-27-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92d97991ec6e9a526f12410ab0994c15fbfc2a6aece69330c8cdcb59563d6250

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: x1aBPlCnBwsxEC4WZcBduoyVzZbX7ju5
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:25 GMT
x-amz-request-id: XF0K1SAMSZ107ZXA
age: 56989
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: wKGEOmpeY5shlpKWnGqHz/PYlLOyGp1rQwIRiX8xO+Fo286aoM0IWwo30vQfDpyrIcZaNWzfXqk=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 24 Sep 2023 11:09:36 GMT
server: AmazonS3
x-timer: S1695610765.473322,VS0,VE0
etag: "559218901185e02ee46d99953dcc0c58"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 22
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 83202

GET
H2 200 userx.20230920-27-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 77ms
76ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230920-27-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 989b69cc4a7a74df2bb81583b9bba4187bba1408e28e77adf771d7a9102bc9e2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3WOixfBYWp1g_ArvXIuUpT7idltcs6Rs
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:25 GMT
x-amz-request-id: QVFVCHWT882R2KTM
age: 56909
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5399
x-amz-id-2: 8t/PzgNyPh89sX06k4JKCNZklpjzsIvzkmdEynsp1bxgQxhR0TKm3BJ4K17MUaP3g0gcXilh6jM=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 24 Sep 2023 11:10:56 GMT
server: AmazonS3
x-timer: S1695610765.473305,VS0,VE0
etag: "ec3505ddb7b37d1ce4641b0edef9e116"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 0
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 12739

GET
H2 200 explore-more.20230920-27-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 60ms
59ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230920-27-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 014d98184c6d1852e7b771a5c28fe6cf6da165532a6c559785e58d03f5c200e3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9e6CbbbXPyLs4fG0KXtkYRfcTp5MmEho
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:25 GMT
x-amz-request-id: RN7M6DNH7YNSK66A
age: 56995
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7707
x-amz-id-2: StcJL9Q8TbhIM+ylRb7sAJFvAqZ1CJjz4ncPtUrkV/Qjur4OwxPZBI9n/HqJdd9DRSOAxuqCIXQ=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 24 Sep 2023 11:09:31 GMT
server: AmazonS3
x-timer: S1695610766.508891,VS0,VE0
etag: "2b2983fa3a082ecd8f84834c9bb032c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 70
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 47045

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 353ms
110ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=bdf78c5494117fc11cecc9d32eaa3651&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&pi=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&wi=6979079411797390421&pt=text&vi=1695610764769&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=04%3A59%3A25.196&id=546&llvl=2&cv=20230920-27-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 358ms
116ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=bdf78c5494117fc11cecc9d32eaa3651&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&pi=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&wi=6979079411797390421&pt=text&vi=1695610764769&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1695610765197%7D&tim=04%3A59%3A25.197&id=218&llvl=2&cv=20230920-27-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 353ms
111ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=bdf78c5494117fc11cecc9d32eaa3651&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&pi=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&wi=6979079411797390421&pt=text&vi=1695610764769&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1695610765205%7D&tim=04%3A59%3A25.205&id=34&llvl=2&cv=20230920-27-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 328ms
111ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=bdf78c5494117fc11cecc9d32eaa3651&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&pi=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&wi=6979079411797390421&pt=text&vi=1695610764769&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=04%3A59%3A25.226&id=8359&llvl=2&cv=20230920-27-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:25 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 283ms
109ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A59%3A25.234&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=1972&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69894

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 283ms
109ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A59%3A25.235&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=1492&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 69894

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 142ms
140ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A59%3A25.241&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=4029&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 74755

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 143ms
142ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A59%3A25.243&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5670&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 74755

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 130ms
129ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A59%3A25.250&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2980&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 75177

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 55ms
54ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:25 GMT
x-amz-request-id: 0R9XQHAA5Q1ZDC2Q
age: 88
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1695610766.618877,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 47
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 32

GET
H2 200 914b8459320b317c091d4305828e3026.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 105 KB
107 KB 78ms
76ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/914b8459320b317c091d4305828e3026.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: deafd355a61ca7bfef8e6445135892716d707118159bfae861456012fd56b9f0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/914b8459320b317c091d4305828e3026.jpg
age: 208710
edge-cache-tag: 500527693078314264457894689523910694405,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 500527693078314264457894689523910694405,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 2061
req-referer: https://elecbean.com/pages/games/easter-3-sliding-puzzle/detail.html
content-length: 108010
x-request-id: aaa4348a6c4b92e791fbadefc3c096c1
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100129-IAD, cache-iad-kcgs7200094-IAD, cache-sna10726-LGB, cache-iad-kcgs7200106-IAD, cache-fra-eddf8230116-FRA
last-modified: Wed, 20 Sep 2023 13:34:36 GMT
server: nginx
surrogate-reporting: width=1920,height=1440,bytes=224227,owidth=1920,oheight=2400,obytes=693547
x-timer: S1695610766.143403,VS0,VE1
etag: "39a4c0f06b85ae51725e8c7a0e0a5616"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 914b8459320b317c091d4305828e3026.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 37 KB
38 KB 70ms
69ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/914b8459320b317c091d4305828e3026.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d4913ec50a654ee821a6469990347c0a2ccef76c30a38c46d96199f2bc33dacb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/914b8459320b317c091d4305828e3026.jpg
age: 207345
edge-cache-tag: 500527693078314264457894689523910694405,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 500527693078314264457894689523910694405,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 537
req-referer: https://www.gazzetta.it/
content-length: 37986
x-request-id: 428c82bf0241347defa73d22ab74a79d
x-backend-name: US_nlb103
x-served-by: cache-iad-kiad7000156-IAD, cache-iad-kjyo7100160-IAD, cache-iad-kiad7000057-IAD, cache-fra-eddf8230116-FRA
last-modified: Wed, 20 Sep 2023 13:34:36 GMT
server: nginx
surrogate-reporting: width=920,height=460,bytes=53475,owidth=1920,oheight=2400,obytes=693547
x-timer: S1695610766.242787,VS0,VE1
etag: "3c196fb9a5a3f76216db535e98bd14c2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1

GET
H2 200 6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 62ms
61ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 57d726902e7e61bdd77159edc80d18774870eadd91c277653646d3374aba27af

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 2282575
edge-cache-tag: 356686445197087509435470419559440289029,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 248
expiration: expiry-date="Tue, 12 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 28970
x-backend-name: LA_nlb203
x-served-by: cache-iad-kcgs7200171-IAD, cache-iad-kiad7000106-IAD, cache-lax10649-LGB, cache-iad-kjyo7100156-IAD, cache-fra-eddf8230116-FRA
last-modified: Sat, 12 Aug 2023 11:48:16 GMT
server: nginx
x-timer: S1695610766.242520,VS0,VE1
etag: "5eeb390e640ddfaeffbf8000fc7a0145"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 137, 1

GET
H2 200 0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 38 KB
39 KB 59ms
58ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4742d841247706ded62d8e6d6c81b79fd12a98489a61bbc82cb30fe9483b886f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
age: 3006655
edge-cache-tag: 526751286337326218232385186173385884285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 526751286337326218232385186173385884285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 139
expiration: expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 39080
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200149-IAD, cache-iad-kcgs7200094-IAD, cache-sna10730-LGB, cache-iad-kiad7000050-IAD, cache-fra-eddf8230116-FRA
last-modified: Tue, 25 Jul 2023 11:21:37 GMT
server: nginx
x-timer: S1695610766.242510,VS0,VE0
etag: "ac313dda21f591b9720208e844fa394e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1848, 2

GET
H2 200 15e82cb41537e84a81e903b11bf391fe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 29 KB
29 KB 67ms
66ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/15e82cb41537e84a81e903b11bf391fe.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 247fe7135a83e9b2ec2a4eedf1bd9ff2ad3615f354da84b2b1e7c180e03ee393

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/15e82cb41537e84a81e903b11bf391fe.jpg
age: 208833
edge-cache-tag: 513122308427684706377502241219877578591,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 513122308427684706377502241219877578591,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 2214
req-referer: https://elecbean.com/
content-length: 29386
x-request-id: 2e36cb1d24fe0dcf8bfb528034fb10d7
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100174-IAD, cache-iad-kcgs7200057-IAD, cache-sna10723-LGB, cache-iad-kcgs7200052-IAD, cache-fra-eddf8230116-FRA
last-modified: Wed, 20 Sep 2023 13:51:06 GMT
server: nginx
surrogate-reporting: width=920,height=460,bytes=51352,owidth=6720,oheight=4480,obytes=2033860
x-timer: S1695610766.242516,VS0,VE1
etag: "904adc442e1f87e74cf1d15ee71e2ef5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
37 KB 80ms
78ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f06e995e4dc83d1edb761524da0dcf7bd79b0cd59a575850194b66c3a61796f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age: 3276310
edge-cache-tag: 603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 125
expiration: expiry-date="Tue, 22 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tvseasonspoilers.com/
content-length: 37056
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000162-IAD, cache-iad-kjyo7100124-IAD, cache-iad-kcgs7200094-IAD, cache-fra-eddf8230116-FRA
last-modified: Sat, 22 Jul 2023 07:04:29 GMT
server: nginx
x-timer: S1695610766.282951,VS0,VE1
etag: "0ec732c9c56a789a455588321467fe27"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4718, 1

GET
H2 200 c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 28 KB
29 KB 67ms
64ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 06a66363c25f5d4bc424e88806c4a20ff8ecbeda18b5df83fc93e6232076abee

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/c3c9b81a-4659-4d74-8f45-55f16aaf3e07__WXEqK8oL.jpg
age: 568278
edge-cache-tag: 631347976359316422353633311561679458810,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 631347976359316422353633311561679458810,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 463
req-referer: https://www.st-georg.de/
content-length: 28292
x-request-id: 7b8e30df1cea6f1c130b2648f51841e1
x-backend-name: US_nlb105
x-served-by: cache-iad-kiad7000145-IAD, cache-iad-kiad7000057-IAD, cache-iad-kiad7000094-IAD, cache-fra-eddf8230116-FRA
last-modified: Wed, 13 Sep 2023 17:45:33 GMT
server: nginx
surrogate-reporting: width=460,height=256,bytes=38063,owidth=2000,oheight=1330,obytes=517450
x-timer: S1695610766.331553,VS0,VE1
etag: "3da44e042e046e84e56f618d1e4a16ec"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 14, 1

GET
H2 200 914b8459320b317c091d4305828e3026.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 42 KB
43 KB 71ms
71ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/914b8459320b317c091d4305828e3026.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3656eec4d23260110548958ace8b80419f176f740f634935b68fb1e0aef0509b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/914b8459320b317c091d4305828e3026.jpg
age: 206222
edge-cache-tag: 500527693078314264457894689523910694405,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 500527693078314264457894689523910694405,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 811
req-referer: https://www.sueddeutsche.de/
content-length: 43086
x-request-id: e8de3e96213690bbf84a6adbf7e6ddb7
x-backend-name: US_nlb105
x-served-by: cache-iad-kcgs7200058-IAD, cache-iad-kiad7000154-IAD, cache-iad-kiad7000062-IAD, cache-fra-eddf8230116-FRA
last-modified: Wed, 20 Sep 2023 13:34:36 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=61259,owidth=1920,oheight=2400,obytes=693547
x-timer: S1695610766.331552,VS0,VE1
etag: "b70c0b882cc7e2264e6487017763b196"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2, 1

GET
H2 200 6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 92 KB
93 KB 90ms
89ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 2291199
edge-cache-tag: 356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 274
expiration: expiry-date="Thu, 14 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sueddeutsche.de/
content-length: 94302
x-backend-name: US_nlb104
x-served-by: cache-iad-kjyo7100128-IAD, cache-iad-kjyo7100157-IAD, cache-iad-kjyo7100132-IAD, cache-fra-eddf8230116-FRA
last-modified: Mon, 14 Aug 2023 17:13:56 GMT
server: nginx
x-timer: S1695610766.331543,VS0,VE1
etag: "78af0e2d92f1d0853f93e08bf0474e82"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 11, 1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8A42 36 KB
11 KB 72ms
71ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b741f25f1ee134dacc62bd33303d64e99613bdbb783cda2418f396df78d5e28

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:25 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Sep 2023 23:57:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75416
Connection: keep-alive
Content-Length: 10516
Expires: Mon, 25 Sep 2023 23:56:21 GMT

GET
H2 200 15e82cb41537e84a81e903b11bf391fe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
34 KB 90ms
90ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/15e82cb41537e84a81e903b11bf391fe.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 51c44d4d975506c25541789c2ffd05055c1071260be786294e67c03b28c3a2e9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/15e82cb41537e84a81e903b11bf391fe.jpg
age: 207569
edge-cache-tag: 513122308427684706377502241219877578591,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 513122308427684706377502241219877578591,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 1934
req-referer: https://www.mirror.co.uk/news/us-news/mans-tragic-last-moments-filmed-24291344
content-length: 34426
x-request-id: c9b59152d00d483136f04e6d29d64fea
x-backend-name: CH_nlb801
x-served-by: cache-iad-kjyo7100176-IAD, cache-iad-kiad7000046-IAD, cache-iad-kiad7000066-IAD, cache-fra-eddf8230116-FRA
last-modified: Wed, 20 Sep 2023 13:51:06 GMT
server: nginx
surrogate-reporting: width=940,height=523,bytes=60109,owidth=6720,oheight=4480,obytes=2033860
x-timer: S1695610766.331534,VS0,VE1
etag: "0911eaa55479d5eaf4fdb32043593eb5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1

GET
H2 200 0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 118 KB
119 KB 80ms
79ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b18350c8dad27f50fd4fafac2926f359b2becf8b9aa655b8a0ed208be3c8718

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
age: 2792222
edge-cache-tag: 526751286337326218232385186173385884285,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 526751286337326218232385186173385884285,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 360
expiration: expiry-date="Wed, 06 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.otz.de/
content-length: 120942
x-backend-name: LA_nlb203
x-served-by: cache-iad-kjyo7100112-IAD, cache-iad-kjyo7100112-IAD, cache-lax10664-LGB, cache-iad-kcgs7200145-IAD, cache-fra-eddf8230116-FRA
last-modified: Sun, 06 Aug 2023 11:26:32 GMT
server: nginx
x-timer: S1695610766.356848,VS0,VE1
etag: "364662fd3439be2b2111acff854433c9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3, 1, 765, 1

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 52 KB
18 KB 138ms
138ms XHR
application/json 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&referrer=&async=1&uid=7013988720&gdpr=0&gdpr_consent=
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 525c9bf2ec79cb1d9006109ccd3ac578ad8052b58ffa7ba2a2d82a3d89a8badd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.3.2/ 128 KB
36 KB 208ms
88ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 711bcd85a0aa2b5fe66c4646a822a776ed0f2f2aab66b580b6097ae23f0fa4b9

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 d5bd9c82cbbad6f05501bb737b3688dc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: WAW51-P3
age: 407880
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 36690
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 20 Sep 2023 09:41:17 GMT
server: AmazonS3
x-timer: S1695610767.537868,VS0,VE0
etag: "8c07dc1387317cc2c5ba16f4a2a5bd0d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: n548lF33cgKfzDrCDLZ3-MM8szLyM4IXIAzUDYjlFYCOG60LBrpBkg==
x-cache-hits: 44073

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 53ms
53ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C8C) /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: br
age: 897383
x-cache: HIT
x-client-device: desktop
content-length: 122286
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: ECAcc (frc/4C8C)
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 02:59:26 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
311 B 127ms
126ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD4) /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: br
age: 1784585
x-cache: HIT
x-client-device: desktop
content-length: 211
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: ECAcc (frc/4CD4)
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 02:59:26 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 125ms
124ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D07) /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo: CH
date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: br
age: 897382
x-cache: HIT
x-client-device: desktop
content-length: 18371
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: ECAcc (frc/4D07)
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Sep 2024 02:59:26 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 274ms
112ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTU2MTA3NjUzNzAsInBhY2tldElkIjoiMDAwMEE3MDEtOGJhODY1NDMtZWNhNi00ZmE2LWJlOTAtNjI1MjNhZjU2YzI2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1qaS1kaWFuLWppLWppbi1odWktanVhbi16ZW5nLXpob25nLWd1by1mdS15aS1saW5nLWppZS1ob25nLWZhbmcteWktY2FpLWppYW4temhhbi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=5802.100002288818
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
365 B 273ms
111ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
735 B 115ms
114ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1695610765440
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CC2) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 24 Sep 2024 02:59:26 GMT
date: Mon, 25 Sep 2023 02:59:26 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (frc/4CC2)
age: 3341042
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: CH

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame DAA7 4 KB
2 KB 177ms
55ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e68bd0f2285195f4cb1633b8016eb7be982cbf8e0644a9e56fe5fcd9d7b52e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1438
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 358 KB
123 KB 536ms
93ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0fc6b0311c6ce151569fee1d73bcfeacb5b743650d6d0349aeb35150480a000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125690
x-xss-protection: 0
expires: Mon, 25 Sep 2023 02:59:26 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 72ms
68ms Script
application/javascript 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 25 Sep 2023 03:59:26 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 59 KB
13 KB 118ms
118ms Script
application/javascript 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 17:10:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6442c381-edf4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 25 Sep 2023 03:59:26 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 88 KB
23 KB 150ms
149ms Script
application/javascript 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=8a6ba3d3ebe29c4e894807ea956e9bd6
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d4ffa36c3282ba25a2b7c2058b40b7d87ba192fe76a70cede2b1f3435b37ef1e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
last-modified: Wed, 13 Sep 2023 11:04:56 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"65019758-15fed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 25 Sep 2023 03:59:26 GMT

GET
H2 200 vidvertoplayer.js Show response
ad.vidverto.io/vidverto/player/ 129 KB
41 KB 167ms
166ms Script
application/javascript 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 07:44:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdedec-205ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 25 Sep 2023 03:59:26 GMT

GET
H2 200 prebid.js Show response
ad.vidverto.io/js/achernar/ 284 KB
95 KB 85ms
85ms Script
application/javascript 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/achernar/prebid.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:27 GMT
content-encoding: gzip
last-modified: Mon, 11 Sep 2023 11:42:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64fefd1c-47038"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 25 Sep 2023 03:59:27 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
850 B 82ms
65ms Stylesheet
text/css 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2

200

sync
ad.vidverto.io/delivery/v2/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D29feae3f-6329-482d-b673-5b59899bdfb4%26p_id%3D23
https://ad.vidverto.io/delivery/v2/sync?userid=29feae3f-6329-482d-b673-5b59899bdfb4&p_id=23

0
152 B

83ms
83ms

Image
text/plain

190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/sync?userid=29feae3f-6329-482d-b673-5b59899bdfb4&p_id=23
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:27 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.vidverto.io/delivery/v2/sync?userid=29feae3f-6329-482d-b673-5b59899bdfb4&p_id=23
date: Mon, 25 Sep 2023 02:59:27 GMT
cache-control: no-store no-transform
server: nginx
content-length: 161
content-type: text/html; charset=utf-8

GET
H2

200

sync
ad.vidver.to/delivery/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=29feae3f-6329-482d-b673-5b59899bdfb4&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=1487d990-9035-520c-b5a7-bd0dd0b74a82&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://ad.vidver.to/delivery/v2/sync?userid=551fb62f-77b0-4afe-8782-b7992efe91d1&p_id=15

0
155 B

773ms
258ms

Image
text/plain

185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/v2/sync?userid=551fb62f-77b0-4afe-8782-b7992efe91d1&p_id=15
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Server: 185.180.220.208 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: //ad.vidver.to/delivery/v2/sync?userid=551fb62f-77b0-4afe-8782-b7992efe91d1&p_id=15
date: Mon, 25 Sep 2023 02:59:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 124ms
123ms Image
image/png 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:27 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Mon, 02 Oct 2023 02:59:27 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 8A42 7 B
765 B 267ms
55ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 63ms
62ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTU2MTA3NjU1ODcsInBhY2tldElkIjoiMDAwMEE3MDEtOGJhODY1NDMtZWNhNi00ZmE2LWJlOTAtNjI1MjNhZjU2YzI2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1qaS1kaWFuLWppLWppbi1odWktanVhbi16ZW5nLXpob25nLWd1by1mdS15aS1saW5nLWppZS1ob25nLWZhbmcteWktY2FpLWppYW4temhhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=6018.900001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:27 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 67ms
66ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTU2MTA3NjU1OTQsInBhY2tldElkIjoiMDAwMEE3MDEtOGJhODY1NDMtZWNhNi00ZmE2LWJlOTAtNjI1MjNhZjU2YzI2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1qaS1kaWFuLWppLWppbi1odWktanVhbi16ZW5nLXpob25nLWd1by1mdS15aS1saW5nLWppZS1ob25nLWZhbmcteWktY2FpLWppYW4temhhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=6026.100002288818
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:27 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 70 B
317 B 70ms
69ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTU2MTA3NjU1OTgsInBhY2tldElkIjoiMDAwMEE3MDEtOGJhODY1NDMtZWNhNi00ZmE2LWJlOTAtNjI1MjNhZjU2YzI2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1qaS1kaWFuLWppLWppbi1odWktanVhbi16ZW5nLXpob25nLWd1by1mdS15aS1saW5nLWppZS1ob25nLWZhbmcteWktY2FpLWppYW4temhhbi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=6030
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:27 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 924 B
526 B 356ms
355ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2400899875037051&correlator=3619684717697075&eid=31078106%2C31077899%2C676982996&output=ldjh&gdfp_req=1&vrg=202309200101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&arp=1&abxe=1&dt=1695610765607&lmt=1695603565&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=812447560.1695610762&ga_sid=1695610765&ga_hid=983468293&ga_fc=true&dlt=1695610761195&idt=3602&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_19_0_pv%26cluster_reporting%3Dchrome_DESKTOP_19_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv6_c&adks=3412779558&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97fa47b14e99dedf6a31b279f60e3d50630ae2f9ef8ac47e9efdc5cbc9fa6f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/ 38 KB
13 KB 61ms
60ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl_page_level_ads.js?cb=31078106

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e2d9dcc9468c3ad051ce044c073c0e995bef2669b75c273b9c7029c41a4ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 10:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58850
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13632
x-xss-protection: 0
server: cafe
etag: 14483834678015216919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 23 Sep 2024 10:38:37 GMT

GET
H2 200 next-up-widget.20230920-27-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 56ms
56ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230920-27-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3aae006893b2b4e15dc8d1a4deab2f6defa6430dd2981008ce790ad18a53df05

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GqRgly_tY8zVpykNDY8dmzH.sU4AmRas
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:27 GMT
x-amz-request-id: STRNF8RWYX2GWW7Q
age: 56966
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4624
x-amz-id-2: 5afJrvRM/PiTysBpo96T9Lf80WXX/+mmQMB6AONtGC23M8lNkjcYzchpyor0eds4Vn38tWCfhOA=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 24 Sep 2023 11:10:02 GMT
server: AmazonS3
x-timer: S1695610767.398204,VS0,VE0
etag: "ff53a98eeb20e5a889c23228db5ade08"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 74
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 9026

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 144ms
144ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=bdf78c5494117fc11cecc9d32eaa3651&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&pi=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&wi=6979079411797390421&pt=text&vi=1695610764769&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A4424%7D%22%2C%22eventTime%22%3A1695610765616%7D&tim=04%3A59%3A25.616&id=5359&llvl=2&cv=20230920-27-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
DATA 200
OK truncated
/ Frame A587 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01d7151982306201bfa6b96f60679d6ff3520ed8172f4464bb8a20ebb84e9eff

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A587 0
0 565ms
134ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNYF0xudz-ff0E7-nOvFHhsMg0DtUelLCZvibqmA-5D_IBxrinQHccMrOyny_gx8rxx646ffJ8Qi8WaZgEnpZyh1shpotzYUD8xwoOUy8txGqcKyG8YDRPROtwPrVtqB-zGod7b1br8RMBE5xu-mVkfFKDPgXZzXmtoSK2TRQn_8gRSeFuYtDRxAIlDsot-zyEyHdZOU7kC3shVBumBF99Q68ed9cDQUibjaLZA3BDkQVGj0PhSF4-gbdaYWh3IbrpIbXp31MXVJwtuE54Nscl9qmN316SRm84lpMk4YcLYNPctm_ZdgyC_zGDK1BdXXSw_Iwy&sai=AMfl-YTi0I0CpTcNDTXspJSVYP3rnXYz_iPq7BxI3iUXByCrGGfqnYfDhHYDpBGFCEIV4gLDO3KbzJ7Yo1n5i2JpQt3fPNNKscO8CKnLntfQmQhAk4VMy70fAewd3rP5Xa63_SF0wlOTgQAtTYlrXS8&sig=Cg0ArKJSzGkkHfeGxPkhEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 02:59:26 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 417ms
417ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTU2MTA3NjU1ODcsInBhY2tldElkIjoiMDAwMEE3MDEtOGJhODY1NDMtZWNhNi00ZmE2LWJlOTAtNjI1MjNhZjU2YzI2Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1qaS1kaWFuLWppLWppbi1odWktanVhbi16ZW5nLXpob25nLWd1by1mdS15aS1saW5nLWppZS1ob25nLWZhbmcteWktY2FpLWppYW4temhhbi5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=6098.200000762939
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ Frame 6243 379 KB
129 KB 426ms
425ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8ebe6e1096dc0cdbc5f6d48e4eabcef8564714f3223a97550b17b2b1a641a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131532
x-xss-protection: 0
server: cafe
etag: 6055687374974596884
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame 51E8 10 KB
5 KB 549ms
116ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 48554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 13:30:12 GMT
etag: 2603938475786422795
expires: Sun, 08 Oct 2023 13:30:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4A3D 17 KB
7 KB 805ms
327ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210203/pubads_impl.js?cb=31078131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 02:59:26 GMT

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 416ms
416ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=bdf78c5494117fc11cecc9d32eaa3651&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&pi=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&wi=6979079411797390421&pt=text&vi=1695610764769&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.609375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=04%3A59%3A25.734&id=3327&llvl=2&cv=20230920-27-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 416ms
415ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=04%3A59%3A25.743&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=539&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 89157

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 564ms
101ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 02:58:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Sep 2023 02:59:26 GMT

GET
H2 200 spa-detector.20230920-27-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 347ms
345ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230920-27-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b06d2520237ab14e555455ec9da0066deed1e43cc53ba14492e1682244d46baa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fyLpTdaYKDQBKeK9iqyApoObwVzrdJbo
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:28 GMT
x-amz-request-id: AXEYBJM90V3ETX5V
age: 56945
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 779
x-amz-id-2: gqCinhkz9n1AZMugyNqmt349EK0j+V+lswwQ4SlUgWbYpABLMq4go/SDR5DQRbjFZBFqmPPh+8koLwjkRfMy2w==
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 24 Sep 2023 11:10:24 GMT
server: AmazonS3
x-timer: S1695610768.422347,VS0,VE0
etag: "6d625fcb9ebda27aa41361d5906c4b1f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 5
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 47218

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 308ms
305ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=bdf78c5494117fc11cecc9d32eaa3651&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&pi=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&wi=6979079411797390421&pt=text&vi=1695610764769&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=04%3A59%3A25.744&id=4486&llvl=2&cv=20230920-27-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 308ms
305ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=bdf78c5494117fc11cecc9d32eaa3651&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&pi=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&wi=6979079411797390421&pt=text&vi=1695610764769&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1695610765748%7D&tim=04%3A59%3A25.749&id=3190&llvl=2&cv=20230920-27-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 309ms
306ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=bdf78c5494117fc11cecc9d32eaa3651&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&pi=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&wi=6979079411797390421&pt=text&vi=1695610764769&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=04%3A59%3A25.750&id=8437&llvl=2&cv=20230920-27-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 309ms
306ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=-48&tvi50=12238&lti=deflated&ri=bdf78c5494117fc11cecc9d32eaa3651&sd=v2_97c94e1d9a123a1691fed8f3393d699b_f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c_1695610764_1695610764_CNawjgYQ2YJdGOH7m9KsMSABKAEwKziy0A1A0IgQSOeS2wNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&pi=/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&wi=6979079411797390421&pt=text&vi=1695610764769&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1695610765752%7D&tim=04%3A59%3A25.752&id=7773&llvl=2&cv=20230920-27-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame DAA7 43 B
443 B 274ms
101ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:25 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 25 Sep 2023 02:59:24 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame DAA7
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LMYAVCFP-J-M5A6&gdpr=0

0
291 B

72ms
72ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LMYAVCFP-J-M5A6&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LMYAVCFP-J-M5A6&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame DAA7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2402692138260763539

0
291 B

106ms
106ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2402692138260763539

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
an-x-request-uuid: c7efb57c-eabb-4cc2-9552-5024ef42d663
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2402692138260763539
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame DAA7
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=a5e2a2b1962789e9ef4084ebae4afe21&gdpr_consent=&gdpr=0

0
291 B

54ms
54ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=a5e2a2b1962789e9ef4084ebae4afe21&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=a5e2a2b1962789e9ef4084ebae4afe21&gdpr_consent=&gdpr=0
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1695610765608091-379
Expires: Mon, 25 Sep 2023 02:59:25 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame DAA7 42 B
775 B 319ms
69ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DAA7
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABispHAgw9X7gjVkNsaOb_drBT0j9ibufKrQ

170 B
409 B

261ms
97ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABispHAgw9X7gjVkNsaOb_drBT0j9ibufKrQ

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABispHAgw9X7gjVkNsaOb_drBT0j9ibufKrQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame DAA7
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=7440678421575996197

0
291 B

92ms
91ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=7440678421575996197

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=7440678421575996197
date: Mon, 25 Sep 2023 02:59:25 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame DAA7 0
0 218ms
80ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DAA7
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4

43 B
479 B

733ms
177ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V2MPKQXCF939YJBJ9JW7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame DAA7
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjVBOTk0OTctOTM5NC00RERBLUFENUMtQkFBQzAwREM4QzIy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

0
291 B

54ms
54ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=25A99497-9394-4DDA-AD5C-BAAC00DC8C22
date: Mon, 25 Sep 2023 02:59:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame DAA7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECu20Q0yVPn-Ud3aXBrp8nY&google_cver=1

0
291 B

81ms
81ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESECu20Q0yVPn-Ud3aXBrp8nY&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESECu20Q0yVPn-Ud3aXBrp8nY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame DAA7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-qkGupNpE2uEaAlcrlCx8kpPmm_R4LZQZow9FPz0-~A

0
291 B

57ms
57ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-qkGupNpE2uEaAlcrlCx8kpPmm_R4LZQZow9FPz0-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-qkGupNpE2uEaAlcrlCx8kpPmm_R4LZQZow9FPz0-~A
date: Mon, 25 Sep 2023 02:59:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DAA7 70 B
264 B 107ms
105ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
onetag-sys.com/match/ Frame DAA7
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336725412450400&expires=30&ssp=onetag
https://onetag-sys.com/match/?int_id=30&uid=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=&gdpr_consent=&us_privacy=

0
291 B

57ms
56ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=&gdpr_consent=&us_privacy=
date: Mon, 25 Sep 2023 02:59:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sync
ad.mox.tv/delivery/v2/ Frame DAA7
Redirect Chain

https://ad.mox.tv/delivery/sync?userid=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4&p_id=5
https://ad.mox.tv/delivery/v2/sync?userid=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4&p_id=5

0
157 B

103ms
102ms

Image
text/plain

185.180.223.67
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/v2/sync?userid=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4&p_id=5
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.180.223.67 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-67.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.mox.tv/delivery/v2/sync?userid=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4&p_id=5
date: Mon, 25 Sep 2023 02:59:26 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 194
content-type: text/html

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 8A42
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMYAVC9L-W-8BLJ
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMYAVC9L-W-8BLJ
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
264 B

92ms
91ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date: Mon, 25 Sep 2023 02:59:26 GMT
Connection: close
Content-Length: 111
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8A42
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=i-AQu_ImRjO6zXF7IVQdag&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=i-AQu_ImRjO6zXF7IVQdag

43 B
479 B

108ms
107ms

Image
image/gif

67.220.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=i-AQu_ImRjO6zXF7IVQdag

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

HTTP/1.1

Server

67.220.226.232 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N9FB9HP1NSDZDFXV2A1Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=i-AQu_ImRjO6zXF7IVQdag
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8A42
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1ZQVZDOUwtVy04QkxK
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOdH8mBJYWvCAsGsLXX92EQ&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1ZQVZDOUwtVy04QkxK&google_push=

170 B
232 B

81ms
79ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1ZQVZDOUwtVy04QkxK&google_push=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1ZQVZDOUwtVy04QkxK&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8A42
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/cY4ziaoBXxmVsLQWElHnMg?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7ewjQ0VE2oIOPzUjL8HZSb0jKWVE9gFbEo8k7w--~A

42 B
678 B

66ms
66ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7ewjQ0VE2oIOPzUjL8HZSb0jKWVE9gFbEo8k7w--~A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 25 Sep 2023 02:59:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7ewjQ0VE2oIOPzUjL8HZSb0jKWVE9gFbEo8k7w--~A
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8A42
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE2MTdhNjQ2ODMyYzcxZjRhYTg2OGRhNzc3YTk0NmZjYWJkMWY0ZA

170 B
232 B

147ms
147ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE2MTdhNjQ2ODMyYzcxZjRhYTg2OGRhNzc3YTk0NmZjYWJkMWY0ZA

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDE2MTdhNjQ2ODMyYzcxZjRhYTg2OGRhNzc3YTk0NmZjYWJkMWY0ZA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 8A42 70 B
264 B 80ms
78ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:25 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 8A42
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMYAVC9L-W-8BLJ

0
649 B

667ms
250ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMYAVC9L-W-8BLJ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7D7A328AC1ED49EF8F4F7F050E0F8F9F Ref B: ZRHEDGE1019 Ref C: 2023-09-25T02:59:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGJiVur6QRdOMN55xByw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMYAVC9L-W-8BLJ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8A42
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=B5Rz_ppUR3-xOY7GSwuLag&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B5Rz_ppUR3-xOY7GSwuLag

43 B
479 B

189ms
187ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B5Rz_ppUR3-xOY7GSwuLag

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2J9S29ZWBJCQSQ4SSS4V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=B5Rz_ppUR3-xOY7GSwuLag
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 8A42
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIblXmghjrw2yPIk_VCNOSc&google_cver=1

42 B
678 B

106ms
105ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIblXmghjrw2yPIk_VCNOSc&google_cver=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIblXmghjrw2yPIk_VCNOSc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
323 B 156ms
156ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=-48&tvi50=12238&route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 72
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59163
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230116-FRA
pragma: no-cache
server: nginx
x-timer: S1695610766.309675,VS0,VE72
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D305 13 KB
5 KB 76ms
74ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 18628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 21:48:58 GMT
expires: Mon, 23 Sep 2024 21:48:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DF32 829 B
1 KB 529ms
92ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

7ed10dc0ef63a99e8b28cec95f2eb60235bb14e29c4dfe39ecdd21f429067826

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--dl4nwYeZJGdZky4bRYxNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--dl4nwYeZJGdZky4bRYxNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:59:27 GMT
expires: Mon, 25 Sep 2023 02:59:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 752ms
134ms Script
application/javascript 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 02 Oct 2023 02:59:28 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 491ms
77ms XHR
application/json 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230925

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0178865b3be274d0714e61b7af67ee681df3a384f4dde03ea85d61ec97942567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 02:59:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 39519
x-jsd-version: 1.0.1823
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"63f-9RDZGmVvcyaQiKO+uc/puC3XVIE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzAnYSYklQa8b%2FszBGacMC%2BCHg6oJovESrJf9o7qx92foMuGG1LQIxlLA6pxvQjHDATS3TpFkRFrks5e8zIkcqYhdUSFllISFftMBmn6haUsE3tyaUF10Ug%2BSJOVYLhi1y8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 80c002dddb942397-ZRH

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 413 B
753 B 521ms
347ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7838c7dfc622ba42b9c2e842fb3cdd911512c1226af7adfa40db4a5755ed133f

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:27 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 302
expires: Mon, 25 Sep 2023 02:59:27 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
306 B 215ms
77ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 80c002dc38f80d57-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 219ms
81ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 80c002dc38fa0d57-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
273 B 251ms
80ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 25 Sep 2023 02:59:26 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 364ms
208ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 181031d91bac9191de957f855eacbf1719aa9149ce034d3d6f0a7ba683733fc6

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Mon, 25 Sep 2023 02:59:26 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 72ms
71ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
189 B 637ms
170ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=12723258696&lsavail=0

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 25 Sep 2023 02:59:26 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 adreq Show response
ads.servenobid.com/ 981 B
780 B 309ms
94ms XHR
application/json 52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=1696
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
153 B 217ms
79ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 6edda8324716555ed6f117cac0d2cbda272f1c16967567c0909f5edd4e30bdf9

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
145 B 210ms
72ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 400 prebidjs Show response
rtb.openx.net/openrtbb/ 0
41 B 210ms
73ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bg3.co
date: Mon, 25 Sep 2023 02:59:26 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Origin

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 3 B
454 B 260ms
66ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 5
content-length: 3
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 29 KB
11 KB 295ms
295ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-52-58-48-26.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

f157fab86a2b0a8d38260ab3bbe584e06e175ca7bb95f61159ecd36dd80da2da

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
an-x-request-uuid: dd990def-37ba-468f-9dfe-9dcf348b4422
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
588 B 504ms
311ms XHR
application/json 52.58.48.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&tmax=2500

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.58.48.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:27 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status: 29, 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 39 KB
16 KB 347ms
199ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2bd028721510d05d06f5f19772113ae2a0d9e3579c8f73836c5fa750fb53262

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx7t2jBT6S13sjNf6JyTZUiIVpmBgrLI1YDavQKRsQ7gSnQCl566bN49Yp8TH%2BaBQLRzAjK1FeQr8jP7Uyc%2FlxGsns8dKTvwS3pc89EffOqmnCblxHw6Zv2hNGjDAKO4zyuesALw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80c002dc7f5c24c2-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 5 KB
4 KB 309ms
162ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e3021e45cd9a8a9b69446afe6ab7832e8e1485027c665f5a703ad1d05ce03c

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BSWMwD0KWHuNaloYIByjmPqnQPV%2BuCoAr02Z177p9tu1xyVjDw4flRjNGw0jw6eJShp%2FCcRixv4HWXb1CczpAV1hTOWFmmxFw%2BCFcYngNZDpOYMw4yjpxpkQKnWISA48TzXHoSP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80c002dc7f5e24c2-ZRH
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
546 B 278ms
131ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbcc3c54a0732c507fa0867b8131771a6f32f9058d1ce1fd5d39b47e3dcc8523

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrByyYjlASLcZ0PugSVqD%2FXhKOYfgc7nuc5KvBTwdrhVhArSUh%2FKGou91VRmy2W5yk%2BXtBxRMeuuaRGmF9Jzxdae2B2JHooJWWQD8CeU47SHVr5GBQ0Mw7DaOwjZzILPlqQQzXmJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80c002dc7f5f24c2-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
469 B 341ms
79ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 6c681bcf95ca8e959a01bba7f8a2b7b40d2ce5ce934419109074102ffd5b6fb7

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.130.0
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 29 KB
12 KB 818ms
303ms XHR
application/json 213.19.162.51
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=b8e06e4b-f187-4cc3-a686-a77051ecacbc%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E8%87%BA%E7%A9%8D%E9%9B%BB%E5%9F%BA%E9%87%91%E6%9C%83%E6%8D%90%E8%B4%88%E4%B8%AD%E5%9C%8B%E9%99%84%E9%86%AB%E3%80%8C%E9%9B%B6%E6%8E%A5%E8%A7%B8%E9%98%B2%E7%96%AB%E6%8E%A1%E6%AA%A2%E7%AB%99%E3%80%8D&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=69fc8b20-374f-47e4-b886-6e6ede84eaa5%3B6117a98e-0397-40c0-ab52-0ae5ffc3fb6a&l_pb_bid_id=7065e71a711ee4a%3B7163ada6472b4d7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=69fc8b20-374f-47e4-b886-6e6ede84eaa5%3B6117a98e-0397-40c0-ab52-0ae5ffc3fb6a&rp_maxbids=1&slots=2&rand=0.6465862553723583
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ec38e69b3a4f35fce0ced6ea42b37c408d2703058423f86081cbec4237b9fd3b

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:27 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 37 KB
22 KB 599ms
325ms XHR
application/json 18.195.247.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.247.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-247-103.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1a5766e91f12feacf11d3476b61bfdf7a5daf09482d74e4b5a8b499e08bd0ba0

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 25 Sep 2023 02:59:27 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 22587

GET
H2 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame D305 37 KB
15 KB 76ms
75ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Sep 2024 21:48:58 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
764 B 458ms
455ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 25 Sep 2023 02:59:28 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 16314
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1695610768.422809,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 47
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1952

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame D305 0
40 B 50ms
50ms Image
text/plain 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4FS2PA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 9EC2 577 B
437 B 78ms
69ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&cmcv=&pix=undefined&cb=1695610766912&uv=3342&tms=1695610766912&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fecf5a31-a10d-4f97-856f-705d365e526b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5fc1a1c6528921d01f33e45d8a19636bd772c4f060c6566eae91b32b69bb282

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 25 Sep 2023 02:59:26 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230116-FRA
x-timer: S1695610767.942128,VS0,VE9

GET
H2 200 sync Show response
am-match.taboola.com/ Frame ACD1 422 B
508 B 216ms
72ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4c2e45664ffe6a038a8906278d1bde5487fd977c082b03893d39f792900e3de8

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 25 Sep 2023 02:59:27 GMT
machineid: 3402
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
704 B 105ms
97ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1695610766918&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1556&pt=-1053474370&tz=120&viewable=true&ddast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 25 Sep 2023 02:59:26 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1455
x-cache: MISS
x-served-by: cache-fra-eddf8230116-FRA
pragma: no-cache
server: nginx
x-timer: S1695610767.942370,VS0,VE30
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 436ms
423ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66622845&crid=6926735&dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&cmcv=&pix=31589837&cb=1695610766912&uv=3342&tms=1695610766912&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1695610759569.2!ts:1695610766912&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9EC2 70 B
264 B 76ms
76ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&cmcv=&pix=undefined&cb=1695610766912&uv=3342&tms=1695610766912&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fecf5a31-a10d-4f97-856f-705d365e526b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 9EC2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A

0
98 B

95ms
65ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&cmcv=&pix=undefined&cb=1695610766912&uv=3342&tms=1695610766912&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fecf5a31-a10d-4f97-856f-705d365e526b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28957

Redirect headers

date: Mon, 25 Sep 2023 02:59:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B6D8 281 B
554 B 88ms
87ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66622845&crid=6926735&dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&cmcv=&pix=undefined&cb=1695610766912&uv=3342&tms=1695610766912&abt=nonrv_vA!ufm_vD!ufwfrtb_vA!unf_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=fecf5a31-a10d-4f97-856f-705d365e526b&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Sep 2023 02:59:27 GMT
ETag: "40011-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_4_2/infra/ 881 KB
144 KB 404ms
401ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_4_2/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 12f671dc70e03fd34ff707eee40017714886632aeae47cd8e581517e79caaf9b

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1695210483
date: Mon, 25 Sep 2023 02:59:28 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: FZ63QBX8R0WA5WR3
age: 400142
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1695210483
x-amz-meta-mode: 33188
content-length: 147012
x-amz-id-2: 5QUn0DdlEIn+v0YvRHc6ebFTtv7AAJYlASzqv3TpOhW8fc/BPdRZfkD6Z2nPoYuorYlFQ4pJ06o=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Wed, 20 Sep 2023 11:48:04 GMT
server: AmazonS3-br
x-timer: S1695610768.422862,VS0,VE0
etag: "76607e75a1d8a4ef30e4276227b9084c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 164394

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_2/assets/css/ 60 KB
8 KB 60ms
60ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_4_2/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1695210501
date: Mon, 25 Sep 2023 02:59:27 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: CV8GH8JP9X0ETZKQ
age: 400144
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1695210502
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: 2pvLe+Vu0+sbAz0O23cXXLQYKUbwOFriaxMDqTlTUFC0IWSBPAKHfpMPyblruH0KjK8bzok8uAk=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Wed, 20 Sep 2023 11:48:23 GMT
server: AmazonS3-br
x-timer: S1695610767.047284,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 382290

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DF32 0
0 92ms
92ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309210203&jk=2182909465403234&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B6D8 36 KB
11 KB 58ms
58ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b741f25f1ee134dacc62bd33303d64e99613bdbb783cda2418f396df78d5e28

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:27 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Sep 2023 23:57:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75414
Connection: keep-alive
Content-Length: 10516
Expires: Mon, 25 Sep 2023 23:56:21 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame ACD1 70 B
264 B 77ms
76ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame ACD1
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A

0
98 B

70ms
70ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:27 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29344

Redirect headers

date: Mon, 25 Sep 2023 02:59:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame ACD1 43 B
145 B 57ms
57ms Image
image/gif 3.76.65.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.65.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-65-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame B6D8 7 B
380 B 59ms
59ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LMYAVC9L-W-8BLJ
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 430ms
427ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:28 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 713
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1695610768.422529,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 14
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1114

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 429ms
426ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Mon, 25 Sep 2023 02:59:28 GMT
x-amz-request-id: AXB48TVMJDNAM2N4
age: 5863
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1695610768.422311,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 91
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1810

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4A3D 0
0 110ms
109ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309210203&jk=2182909465403234&bg=!NjWlNXrNAAYrDsWMCw47ADQBe5WfOM6GTRRCtHx8Vw4VhylxxH9OkCAwTVpl6G9HUGBh-hgDkSe3Glv7jWYVHVHIy9fiAgAAAF9SAAAACWgBBwoAEFjkfpueBrrkvovES81QrPuZAs6awfIcvZgEdYhscYDIl4uhx-QVhRhDI_6DxLzGR1VUVEt7aNYlEnyCQFbx-lCAVRe_G4OdVTkHcNcQv9ZRWn7lhh2_jR3nG2cVKBAUHeTOFCKH9YxrTNYqU5-sHSOM8kER53bn4uxRuJedUeRBH3tlqgw6BTRXnMC-ISE9J137xGwT-R5P9t-X2Yqs3QUfdiWZtB3ksrxg2KzV7SUxnw-ADeYpBmEf43hbYZ7CxIFsRexU7WbkzL4YocL_i7NuWqnSQ3bVyF341QZFz8BKZb0uQb5ccIck61ZFUJfkI5nC6eSGnLQTFwg8sP3JdfoylIDEZX8WN32ZwD8eoq-mamK4uPnOzIy-heZCJht9nhlGSJAngvpb2TO_adIrCpq5KQHA8kmkYArN1Y8E6glxf6gbCLq5hCeigdb-eCZAy_l3F6N3BU_NT5qtwcbEjka4XWrlczsKKMqan-s7jcAW18qHsQboKzOXfxbDchhpsdgDiI5jQUula1K9S7Khd2TMoxjCoV8S8VKrxHm42_4w_kHGrZTlP7z4AWB2on73ihgU0_oWiLb14F_Z1wKotqfKQU6SPK9k58PxMgLXUi7SK4DuNILXymVh9Jhp9Bhf9v-u7bS0gytuA86_sM0OqPEMo59G4gnBYGB8R3EMcIq8c1y9hWGEWyiXMw5VNiqItUo58psokazwWiIjbXu8PV2bHLUVoOKX5D1WkE5CsTsPLoZyvr8u4fjN9zt8N-9eeknTKLt1MOdHRKXj7hLfbPK-QqDoODiULvlc8txNgQAIQlqUnjtMQBqv74N-yoG-oHkM35loFB3BifjgAJ-d2E25pYT6A0Y3yqMnRXu1y-cgTzLB5kNHMcbGEAYF3Azx71v4BwPwi5eVMvCrFgWpGSqlXKK-qU9ymJ408SLbmgaK7f4g2Mg95ybHAXSJUUqPZeO1qGy5rtZ99EW0iqGG2Q2y
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
332 B 454ms
239ms Fetch
application/json 185.86.138.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:27 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
497 B 78ms
77ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.bg3.co
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 914b8459320b317c091d4305828e3026.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 455ms
453ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/914b8459320b317c091d4305828e3026.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e36a9ccaeb3947886574bddd34e9d539737c08c42ad302212eb850098f74143d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/914b8459320b317c091d4305828e3026.jpg
age: 207965
edge-cache-tag: 500527693078314264457894689523910694405,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 500527693078314264457894689523910694405,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 520
req-referer: https://editionist.com/
content-length: 5214
x-request-id: 3162acd62d3053123477fe2e7a36501d
x-backend-name: LA_nlb201
x-served-by: cache-iad-kjyo7100089-IAD, cache-iad-kcgs7200051-IAD, cache-lax10632-LGB, cache-iad-kcgs7200046-IAD, cache-fra-eddf8230116-FRA
last-modified: Wed, 20 Sep 2023 13:34:36 GMT
server: nginx
surrogate-reporting: width=160,height=160,bytes=6529,owidth=1920,oheight=2400,obytes=693547
x-timer: S1695610768.422305,VS0,VE1
etag: "40943b0997fbd31490e10b546e3f3219"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 459ms
457ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age: 3247386
edge-cache-tag: 356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 79
req-referer: http://geekhebdo.com/
content-length: 8250
x-request-id: a9345f3c6a017abfd5fd26145d40a354
x-backend-name: CH_nlb801
x-served-by: cache-iad-kcgs7200023-IAD, cache-iad-kiad7000082-IAD, cache-iad-kiad7000124-IAD, cache-fra-eddf8230116-FRA
last-modified: Thu, 10 Aug 2023 11:47:17 GMT
server: nginx
x-timer: S1695610768.422282,VS0,VE1
etag: "0f290e0e1bf2b6824ad4b0ee1e205321"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1

GET
H2 200 0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
11 KB 458ms
455ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7776723345e5531a4ccb1eac4356496536e2d02d86e9300bbff5d1ea626e8cb0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 25 Sep 2023 02:59:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
age: 3009362
edge-cache-tag: 526751286337326218232385186173385884285,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 526751286337326218232385186173385884285,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 82
expiration: expiry-date="Sun, 03 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.moja-ostroleka.pl/
content-length: 11046
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100137-IAD, cache-iad-kcgs7200052-IAD, cache-lax10656-LGB, cache-iad-kcgs7200050-IAD, cache-fra-eddf8230116-FRA
last-modified: Thu, 03 Aug 2023 10:16:53 GMT
server: nginx
x-timer: S1695610768.422290,VS0,VE1
etag: "09eebef16fe0924b4ab94724231a4f49"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 63, 1

GET
H2 200 auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 70 B
317 B 432ms
429ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS90YWktamktZGlhbi1qaS1qaW4taHVpLWp1YW4temVuZy16aG9uZy1ndW8tZnUteWktbGluZy1qaWUtaG9uZy1mYW5nLXlpLWNhaS1qaWFuLXpoYW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLThiYTg2NTQzLWVjYTYtNGZhNi1iZTkwLTYyNTIzYWY1NmMyNiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJjYzA3ODZiZi03N2EwLTQ3NWQtODMzOC00NGNjNTZjN2YwYzAiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk1NjEwNzY2NTkzLCJiaWRzIjpbeyJjcG0iOjAuMTYzNDk0LCJhZElkIjoiNzZkNTA0ZWRhYWRjNTkiLCJvcmlnaW5hbENwbSI6MC4xNjM0OTQsImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAxNjM0OTQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjMwNiwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTU2MTA3NjY5MjR9LHsiY3BtIjowLjAxLCJhZElkIjoiNzljMTFiZTNkYTAyMTk1Iiwib3JpZ2luYWxDcG0iOjAuMDEsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwMSwiZm9ybWF0VHlwZSI6InZpZGVvIiwicmVzcG9uc2VUaW1lIjozMTYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk1NjEwNzY2OTM4fSx7ImNwbSI6MC4wNCwiYWRJZCI6IjgwNDhjYzY0MTMxOTZkNSIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM1OCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTU2MTA3NjY5ODB9LHsiY3BtIjowLjAyMzQ4NTUwMDAwMDAwMDAwMywiYWRJZCI6Ijg1ODQxNGIyNTcwM2ZkYyIsIm9yaWdpbmFsQ3BtIjowLjAyNzYzMDAwMDAwMDAwMDAwMiwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDIzNDg1NTAwMDAwMDAwMDA0LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2MDMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk1NjEwNzY3MjM0fSx7ImNwbSI6MC4wNSwiYWRJZCI6Ijg3YjM0MGI0NzFiMDM1OSIsIm9yaWdpbmFsQ3BtIjowLjA1LCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwNSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6ODM3LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTYxMDc2NzQ2NH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhcHBuZXh1cyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzZkNTA0ZWRhYWRjNTkiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMTYzNDk0fSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJjYzA3ODZiZi03N2EwLTQ3NWQtODMzOC00NGNjNTZjN2YwYzAiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk1NjEwNzY2NTkzLCJiaWRzIjpbeyJjcG0iOjAuMTQ3OTQ1LCJhZElkIjoiNzUyY2RmNjIyOTYyZjgiLCJvcmlnaW5hbENwbSI6MC4xNDc5NDUsImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAxNDc5NDUsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjMwNCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTU2MTA3NjY5MjJ9LHsiY3BtIjowLjA0LCJhZElkIjoiODE0YjBkZjk4NWI0NzU2Iiwib3JpZ2luYWxDcG0iOjAuMDQsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwNCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MzU4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTYxMDc2Njk4MH0seyJjcG0iOjAuMDQsImFkSWQiOiI4MjMyZmFmNjYyNzZkNCIsIm9yaWdpbmFsQ3BtIjowLjA0LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDQsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM1OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTU2MTA3NjY5ODF9LHsiY3BtIjowLjEsImFkSWQiOiI4MzMyMzgxMTQzMjVhZmMiLCJvcmlnaW5hbENwbSI6MC4xLCJiaWRkZXIiOiJ0ZWFkcyIsInJldmVudWUiOjAuMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NTI0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTYxMDc2NzEyN30seyJjcG0iOjAuMDgwNDAxNTAwMDAwMDAwMDEsImFkSWQiOiI4NDlkYWQwYTFiZGVjYTEiLCJvcmlnaW5hbENwbSI6MC4wOTQ1OTAwMDAwMDAwMDAwMSwiYmlkZGVyIjoiYWRsaXZldGVjaCIsInJldmVudWUiOjAuMDAwMDgwNDAxNTAwMDAwMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjYwMywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTU2MTA3NjcyMzR9LHsiY3BtIjowLjA1LCJhZElkIjoiODYyNDZmNDIzZGNjMTc5Iiwib3JpZ2luYWxDcG0iOjAuMDUsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDA1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo4MzYsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk1NjEwNzY3NDYzfV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFwcG5leHVzIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NTJjZGY2MjI5NjJmOCIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAxNDc5NDV9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=7898.900001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 366ms
366ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2400899875037051&correlator=1239529611282250&eid=31078106%2C31077899%2C676982996&output=ldjh&gdfp_req=1&vrg=202309200101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&arp=1&abxe=1&dt=1695610767482&lmt=1695603567&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGslwl44PW9lZMslpIen1Fv86jMH6vCE_853ePju7CQvC&ga_vid=812447560.1695610762&ga_sid=1695610765&ga_hid=983468293&ga_fc=true&dlt=1695610761195&idt=3602&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_19_0%26cluster_reporting%3Dchrome_DESKTOP_19_1_active_0%26refresh27Split%3Drefresh_control_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.14%26hb_ap_adid%3D752cdf622962f8%26hb_ap_bidder%3Dappnexus%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv6_c&adks=2102018513&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ab24dfd895163e62c600bdc86032ccaa62a6124291557c861e1e5a5988e7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11304
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 581ms
580ms Fetch
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2400899875037051&correlator=1239529611282250&eid=31078106%2C31077899%2C676982996&output=ldjh&gdfp_req=1&vrg=202309200101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&arp=1&abxe=1&dt=1695610767484&lmt=1695603567&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGslwl44PW9lZMslpIen1Fv86jMH6vCE_853ePju7CQvC&ga_vid=812447560.1695610762&ga_sid=1695610765&ga_hid=983468293&ga_fc=true&dlt=1695610761195&idt=3602&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_19_0%26cluster_reporting%3Dchrome_DESKTOP_19_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.16%26hb_ap_adid%3D76d504edaadc59%26hb_ap_bidder%3Dappnexus%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dtrue%26adro%3Dv6_c&adks=3374688892&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd719dc9270fa6d016ed9cca76a89af958f14bc15ec9da79525db2c9f7885c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11600
x-xss-protection: 0
google-lineitem-id: 5221734857
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440838557
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 L2EvdGFpLWppLWRpYW4tamktamluLWh1aS1qdWFuLXplbmctemhvbmctZ3VvLWZ1LXlpLWxpbmctamllLWhvbmctZmFuZy15aS1jYWktamlhbi16aGFuLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
245 B 436ms
436ms XHR
text/html 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvdGFpLWppLWRpYW4tamktamluLWh1aS1qdWFuLXplbmctemhvbmctZ3VvLWZ1LXlpLWxpbmctamllLWhvbmctZmFuZy15aS1jYWktamlhbi16aGFuLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 24 Sep 2024 02:59:27 GMT
date: Mon, 25 Sep 2023 02:59:55 GMT
content-encoding: br
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31536000
x-client-device: desktop
x-client-geo: CH

GET
H2 200 container.html Show response
9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B5FE 6 KB
3 KB 74ms
73ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:59:25 GMT
expires: Tue, 24 Sep 2024 02:59:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 111 KB
32 KB 470ms
467ms Script
application/javascript 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:21:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdf69b-1bc07"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 25 Sep 2023 03:59:28 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 302ms
302ms Stylesheet
text/css 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:27 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bridge3.591.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 419D 723 KB
232 KB 103ms
103ms Document
text/html 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80b9b7bcb98fcb97f7c595b97e92a34db3cc45f07ba183e0711c7c06b8082d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 272613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236868
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 23:15:54 GMT
expires: Fri, 20 Sep 2024 23:15:54 GMT
last-modified: Thu, 21 Sep 2023 23:07:47 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 792ms
270ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 02:59:29 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9946 40 KB
14 KB 195ms
193ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 25 Sep 2023 03:28:46 GMT

GET
H2 200 video
ad.vidverto.io/delivery/rtb/ 0
0 263ms
261ms Image
text/xml 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/rtb/video?data=dRoYdb%2BEfVhz1I9NMNvUF4m536srxNaFTh4h6Lh7Es%2FXP7Q2OL%2FcFXxEwI3%2BqdlTiDeXVHNbVsBMepDjd3jNY%2B81h%2FYlz2PoUmAsA5QotnpuuJRQqVDKYdxAMtFUDRqrF3ABwFEcde%2BuHDZcMyC%2BNxD7olGMsM8dBiIogQ%2BePd7FG%2BvFdPRMA24ed%2B4r68VQqiBW9eAkY4RA67DW8uxsizIpTI467r5JeU9EDr2Lz3OsKAY%2FPCm2Xp3roQ63EMRZWvEDH6VlJvpnq5R0w%2BRrowbABitaQAkFfQ0CBgaQ18tLh6RPBgWXX%2Fe1ZEtaAw%2FUpZucExZnBfb2oZ8mTwTGAPrUNQj6TreIcFrBOzVUneD5vSKiUYTiXspowARyLgq5LmNp%2FdgOeW4Fy1vyVery9GLnzg3KYTFWKqdizVhhVuOUykBVdc14WHyoaMXS5ZiakmD4vNDBwmrO%2BnqoeTKChQ5ywZF6xch3zARieUhjfEu48E2%2FS54wpSq3%2F4SaNR1XfRHrJw8IvzlhHLZtiapfVmtaTnzUW%2FWUYYZN%2FsDWzuKkQaC%2B%2F3insQNYgo0qrSDF
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/ 36 KB
0 598ms
185ms Media
video/mp4 212.8.250.227
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.227 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-227.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 25 Sep 2023 02:59:28 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-17211103/17211104
Connection: keep-alive
Content-Length: 17211104

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4C91 478 B
242 B 202ms
200ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxCP5OeFBBjqgYz0ATAB&v=APEucNWOH7RwEQq4nuMHNKCv9QVMx3lSjAjkqYm6XoFlQG5LOQ0RXPCN871-oiRnxAiMrPyUYelFihR9gqcfRFs79idXsOYJ4A

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:59:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B5FE 89 KB
31 KB 203ms
200ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:28 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5FE 42 B
110 B 227ms
224ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B2PLW42k6pOzAQemKV0G9qeCv9BxNoqk5EXzemLnK1AxQ-8RHmaV6oE1Y3aUGX5hllPBkUGFzWTnOBSCtCgsh3Rs4OAxsronGLzYtk0ZeAuW2_bzE

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5FE 0
119 B 226ms
224ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16888647861291740321&x=1&ct=76

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame B5FE 3 KB
1 KB 182ms
180ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 16:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 16:33:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame B5FE 20 KB
8 KB 173ms
171ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:26:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B5FE 0
0 329ms
328ms Image
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbxSeKY-F-rAWmIaaLq2a_blUAHJsSbIO1a9whsGYPFrlMrSKJrNqLDp1ODiN1IL1mmIlI2mSTT3La4Tt-vRJ1FbadFw
Requested by: Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5FE 182 KB
57 KB 224ms
222ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 261ms
260ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7749a7303880b295732b70b13e08f381d1341e67592231354e2921327fa08b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Sep 2023 02:59:28 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 57FF 0
0 413ms
412ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwRG0XzhL5neIJPpmQqiIAl2TbyuTlIGmXvMVbhIZScRab5NWDHjaE3faPvV5OxS-UDaI2B39U0pJf9-gcposODP9Qknz53OPFdKQ57yqcwbwlIsaE3F-8dSvfYdg7HkOyoZtdMwwH9ShVHA8Nvm5Z0Bbp20c7OUYqiY_uNRnBd_m2LQPXczXQ9U-CXwhRoKrKb_x3ogI82NvGn2Vp8Qs6D8JCufU_jwpo3gHbg3awT5qyChaUPqFKHAcu0g9NjZ6kWIH2_OxBCUOnM-acwgPYDdKRD8guGkKs3e08vppxW8WlJZGnyUIMz_SRgOHDyWOP&sai=AMfl-YTGh8-oDmrEnqOGDBnoKwsNRKhBO8Vv61GxlMhIpvb6BKEbUoT-I6hEyuMLu8wtD1TME9IbO_wt5MBFgJxcnC1Lh-JLJaoy2bvJ5yXWrCHSLYuhe9leOcxfNsn-0A&sig=Cg0ArKJSzHd6_wqjGnyNEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-233-144-202.compute-1.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 1363ms
431ms Fetch
application/json 3.233.144.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.144.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Sep 2023 02:59:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H/1.1 200
OK appnexus-html5-lib-host.min.js Show response
acdn.adnxs.com/html5-lib/host/1.4.0/ Frame 57FF 11 KB
4 KB 1291ms
705ms Script
application/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/host/1.4.0/appnexus-html5-lib-host.min.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4d30543ac6e90772e81a0884755c1ec57baacc83daac73fa91e30682c82d13dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 May 2018 13:47:22 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Akamai-EW-Subworker: 8096267
ETag: "5b0570ea-2b85"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 3768
Expires: Tue, 26 Sep 2023 02:59:30 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 57FF 80 KB
27 KB 771ms
156ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Tue, 24 Sep 2024 02:59:29 GMT

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 57FF 0
643 B 150ms
144ms Image
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bg3.co%252Fa%252Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&e=wqT_3QKrDPQXASsGAAADANYABQEIju_DqAYQs-Og4b6umP9jGJOnoO3Q-ISsISo2Cc-MAxwK98w_EeZxPbRd7cQ_GQAAAOBRuL4_Ic3jeiXaX90_KWufjscMVOQ_MQAAAEDheoQ_MPLsxgo4_VxAuVxIAlCIt6PeAVi5tIoBYABotZGzAXiC2QWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA1ODk3NjkxLCAwKTt1ZignaScsIDc0Mzc0NzcsIDApO3VmKCdnJywgMTg0ODc2MTUsIDApO3VmKCdzJywgMjc2NDM4MDU1LCAwKTt1ZigncicsIDQ2NjE0ODIzMiwBVfCwkgLZBCFSSFVwMkFqQThMd1pFSWkzbzk0QkdBQWd1YlNLQVRBQU9BQkFBRWk1WEZEeTdNWUtXQUJnbXdSb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFVRjdDMWQ0Yi1JX3dRSDgtOW5KRWxUa1A4a0JBQUFBQUFBQThEX1pBZmV2ckRRcEJlMF80QUdsLWNVRDlRRy1lNU1fbUFJQW9BSUJ0UUlBATMIdlFJAQfwTEF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0pHQWdpTVFBUmdDTFpxWm1ULWlBeGNJbjV1b0l4QUNHQUV0BVHwUkRJSFpHVm1ZWFZzZEtJRERnaVJnSUlqRUFzWUFpMmFtWmtfdWdNSlJsSkJNVG8xTkRRMjRBUEpSSUFFMlpqaUM0Z0UyNWppQzVBRUFaZ0VBY0VFBVgFAQhESkIFCAkBGDJBUUE4UVEJDQEBRElnRnhpcVlCYWU0NklNQnFRVQEWIEFBQUR3UDdFRgEKCQEIREJCATccRUF6TV9NX3kFKBxDQXg3bnVQOTIoAABaBSgBAcBQQV80QVdtOEFQd0JiLXk2QWo0QmR2NzV3S0NCZ05EU0VhSUJnU1FCZ0dZQmdDaEJnATUEQUEBOCBxQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MOHVBWUuaApkBIV9SUVA0ZzpdAixMbTBpZ0VnQUNnQU0RNYhQQV9PZ2xHVWtFeE9qVTBORFpBeVVSSjk2LXNOQ2tGN1Q5Ug2AEEFBQUJaAQYJAQRCaAkIAQEEQnABBgkBBEJ4CQgBARBCNEFJazWAuDhEOC7YAgDgAtHwXOoCbmh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1qaS1kaWFuAQioamluLWh1aS1qdWFuLXplbmctemhvbmctZ3VvLWZ1LXlpLWxpbmctamllLQUYDGZhbmcBFgBjBUcBNPCfaGFuLmh0bWyAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIECzMxLjEwLjE1NC4wqAQAsgQPCAAQBBjKByBaKAEwADgCuAQAwAQAyAQA0gQPMTE4MzMjRlJBMTo1NDQ22gQCCAHgBAHwBIi3o94BiAUBmAUAoAX______wEFGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBZqeBPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvmPAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB4LZBdIHDRVlASYI2gcGAV7wdRgA4AcA6gcCCADwB7X2DIoIRwpDAAABispHArBj_mFz7Cgxs5igBGga_TwZwCf6giohkoSuMdH9gj2Pxsg4wvmPC2BNBrINXO2y2L42V7O5jFHlCzGBGRABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARACGAA.&s=b21086479a5f289cca36a8ddc0109718bdc69480

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
an-x-request-uuid: aa0d45cd-ad46-4a01-a60f-8d2c4d18f3da
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57FF 182 KB
57 KB 300ms
298ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:28 GMT

GET
H2 200 aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 151ms
151ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS90YWktamktZGlhbi1qaS1qaW4taHVpLWp1YW4temVuZy16aG9uZy1ndW8tZnUteWktbGluZy1qaWUtaG9uZy1mYW5nLXlpLWNhaS1qaWFuLXpoYW4uaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLThiYTg2NTQzLWVjYTYtNGZhNi1iZTkwLTYyNTIzYWY1NmMyNiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImJpZHMiOlt7ImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAxNjM0OTQsInJlc3BvbnNlVGltZSI6MzA2LCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJhcHBuZXh1cyIsIndpbm5lck5ldHdvcmtSZWxhdGlvbiI6MSwid2lubmluZ1JldmVudWUiOjAuMDAwMTYzNDk0LCJ3aW5uZXJBZFVuaXRJZCI6Ijc2ZDUwNGVkYWFkYzU5IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOls1LDNdLCJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiI3Mjh4OTAiLCJwcmViaWRBdWN0aW9uSWQiOiJjYzA3ODZiZi03N2EwLTQ3NWQtODMzOC00NGNjNTZjN2YwYzAiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=8525.100002288818
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 4C91 170 B
188 B 512ms
511ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxCP5OeFBBjqgYz0ATAB&v=APEucNWOH7RwEQq4nuMHNKCv9QVMx3lSjAjkqYm6XoFlQG5LOQ0RXPCN871-oiRnxAiMrPyUYelFihR9gqcfRFs79idXsOYJ4A

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4C91
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGx8PYgXNauMCSgFTRyyx4E&google_cver=1

43 B
335 B

240ms
239ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGx8PYgXNauMCSgFTRyyx4E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxCP5OeFBBjqgYz0ATAB&v=APEucNWOH7RwEQq4nuMHNKCv9QVMx3lSjAjkqYm6XoFlQG5LOQ0RXPCN871-oiRnxAiMrPyUYelFihR9gqcfRFs79idXsOYJ4A
Protocol: H2
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDpTLMaMVRjGhddfcANp3ExLpACPvjFLNioJDPAB0WIj3WiXyb29MBPOkUwkUGUeoccbn0Yu6nkUBNeUzyggtwyVddBlk4GA3Dw61cy4jJhslpCi3VzmXDLdUyT%2FUzFxlebOd3jsWSyKVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c002e95f5424c2-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGx8PYgXNauMCSgFTRyyx4E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 4C91
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZRD3kMJnEoJxRHhJAdqIKAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGx8PYgXNauMCSgFTRyyx4E&google_cver=1

43 B
549 B

1229ms
1229ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGx8PYgXNauMCSgFTRyyx4E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-nFxCP5OeFBBjqgYz0ATAB&v=APEucNWOH7RwEQq4nuMHNKCv9QVMx3lSjAjkqYm6XoFlQG5LOQ0RXPCN871-oiRnxAiMrPyUYelFihR9gqcfRFs79idXsOYJ4A
Protocol: H2
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuoTDysS0hAWNiJKSpsEwJbv4gFzEl8oV4SBzTaJCefU4BWgw0IGkEd29XS8rU64%2BfHcMPRQyQc0N5Jfl5xZBWSeYHW%2B7eFDScIQTo2V3JT63NUuJ5v2CYV2Tnb%2BjgLmH%2BLeQfqT1tAtfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c002f2a9ef24c2-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGx8PYgXNauMCSgFTRyyx4E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5FE 0
56 B 342ms
342ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6759040567752&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5FE 0
56 B 462ms
461ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6759040567752&version=m202309120101&ct=76&x=1&cor=16888647861291741000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B5FE 79 KB
37 KB 449ms
448ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5m7J-pt_FRmN_t_A9P282o57OkUHqUAWTb2naEe7hfntnBfBQdRF4bAMg-gFCpHn8bpPsefL2GiEriN_eQ3PxNhklpg&cry=1&dbm_d=AKAmf-BX0-v2Op8Kr14pTZcldbo58pTNWzIBRtirAwNliYU3df_6qroKHtkNK6I_gNOOAn30xHwxQN7tZQAYHIDBiXYYM0dA6ULNo4Wx-6CZ53yYlgC4GwMiCMIWDnLwa9IG80kx0GzKbJNH9PmrZwJNgFxD4r1VAeR5_KzpQXndwcQpemOjnhWmufTfOVr7bDu_b4ju25gY8DmphxasOA4QdFlwIVuOunTKwIWGEdZvkKDvpp4sPL3_PG6b4NtAvTCStrGNkpw68RBKNtARFq7vdq90FafFlK7Qv7manzlIj3vfHHVE_4AiR9Mb_n1eeSjbq4TU2iTvUeteo7mPgBEz05RcyxJpYa6bWHSe1azMj6RhPDFMFoO1fepC5Q3sp5DdqItv_RhpFh8xB6iyoIGanYxH5agvQM8y1Rkq_SAMTmeisCiHx-MpaZ_F7QhSRXp0hvpDZdAptCC-S-0hDYBGoUSL7RZeTpUtOJzPVsaufUHUKk3CWuXDYOh3v6P5JfvklVQbaZIggUGqWvSsQ_ab_0Ai58YqgjJlAdPBbn7UPa1fygYwaR6CLNOjcU-WqiTq6tXBHsbmIpYaAbD6fM920qun1iOc0INMUb4hhpl_QhmTOFe0aeEAEGco_lKm8qkSonbdszNN8Cmz2uB08FnjhyHkpk8_MMVrrWMdysyoh3onYDJCI73yjA8_Ekqfy4E1XKxId1AfgGXkX_MOCTzGtUHo8yizTBsFcB4qB61-8VgnjQLa1BOKkszZW4A7hY4DL5N8w89-YYUoAHyne_qfCKzfEYtyUksw-R5NRq9jRIC33dAKXdSOYbd0Xf0hTn0I1EN_L_Mn8l92QuLgKQvhDhMR9pU4qpqLdfLftcySyxMYSiT_zJhvvnNZ_6ZMnyVuZLD6G9tPgRgtvs_NsLJ5RCZnt-Q2akY4-Yxjq5K8jtxLKircKbmJTdei6M49R-3giWSH9_f5sfmTdosRzNbc2K6FVo6NaKSXn6gxj03OiHP7bAX1aRry7cxqGhgvt8M6JCQ40W-7qnbhPNg2ZzkCUTBs3Wg77TCTy-4jpMqa5O_8b6SBtNepejGJYQuIIF3kS_yCa4z7_oumHMZReGaj5R7HQI8Oh7rBaa2kk7Adlu2Pmh3dpoV-Y_cfnEo71UPDp2WBxrd6Vp8zigyNwa8gqq4PVza7zp6ewOKcn_GbxpYX0xlMeEnrMTAoqysDaBTahw7JS0Hy5WwUrQ9UIpx2lkDptTPFWdhxUkGHf84fBQKYtTGVA5GbkxcIz9w6jpgspvACfJ7MVEqdpRoSh1WfvVBKrpCNTUu8IH2DTDO88-xCM7_Z5ZvYKin5or3HEJCl_-fIRvyOsydvGz-pIMrJQMao3AANWe6ecw3DHSx06f-Y82asZbP5XgcNmGCuGZCq-0AJDWhXUZLKABWtP__paOSHoPfr2ZfmC9rsKbh9vc9O88tN5L2NBdPL1RcUYT_l9p5cXA9J3kbs2dgCr6cuNl0Ji8qV46Xm7SbwI5Vi3rt11gJFk9IFCm2le8QMisuPDmGRv2BR06tNRkGuIgZ6ynQYar9oV1vendKzpwEu5HqdPo8LQSKT2PormqXpAf6ADHpN67uf2mUGYlRX4yKD54K6_Iku9hxTaYU37Qfu6bwTYf-U1IxJd05QGZjlXiVyHQaUfD6Me2j79L_7epmxpjqSQf8_Q97DVLgil8z5MtWg_EBR5-b44qGW7RrgxLWGWmLPFxUk5sWq-giCrv56Z5sF9fQkG99Eu5Hh5GPi4ORuyPUndj7jfuB2w7GfwDZYSU7Qva5qzyd49cYiCQ2gcD0X44g3ETyFw-zHZyoXfAnUubJnWJiY43pXn9dVkrS9ql-cpIrlMxf8_jZrXR-n1Z81YkZ7Y1eb0txgGv9VcjRY17nCLv7A8kMXmOEqbEZ6YAlZ3yq6lhdLhVghSv1RxMDL4JUQldQQgzVOqt6vt1-sTvf4dmR89UIJoaED0WSt9RbN4gHavMdajKf3AWpAmvJs8i82BrLNkd8hOkI_l4R0Mk1WNEd857Tg5c-x5HKviTtpfkLPJSowdGBG1ynMmI9dQbH9X39CAzoHHk4fISmPinkFvOngRKG5efwF3gGxhz3wQBksr-s5ltOY4aurMqiHVuuPR2IqFgLn5v6_aIIxH1oXu0o6tgOyJ3-KqQ2Roibxharfz66BWztrgj6fuh39wFN2Yw-SY1P4aPtYmYg8Zl3kJGg21p3B7HA4wYHVR0zVF1vG0boFBwJ3KMTAm9V8ry1r4cmqXEk1dg-vX_NqVwDLhmINbBj13_49c0nsbn1KTN0Zxu_i_B8WanYjTrbbI6Y2aZ7sKlffHCh26frziFICneb-N6lh7MoVAnvIvfiIKw3h9V31W5E2M2uMN58sEC8n4Vs7-91mhMVFZ0-4rHnVJ7hEKaLu90BIX1Ux5SX-SCtn-tIKPAnHtPIipY-GDYGv_RKGTf8ZkbrC3L3-Gn-HaIAbwXCkoJ_zg71h6f1HGVi-LfXP7vnjQ-FPW11fdCX0crrn_trPKq2h7QVtk2CDvQj2k9ayofaavUrnEjkdH0JzXbuiWLgfQ_pRMaEStDz_L9GQhfpYyk0YmIxhr_gorLa6yr71AGSOHXbdzHpNOc_DXA8JzNpT88r4ODAVcJBqINIHkiGXyG0vgcNJ_ikjeW_peQapypNWsNYEjAwPb1rqlSR3FW5IW_8vOPgWcYlJ6CdVZ8jP2W8jrqSTwbNRYls4tPjRAvw2-t-tkNN4WhixZNb8nSvb6cFEQ3TEOodTIuTn3Bkg_5ntHBOK80C9vpErkK_-20boOYDDV8E7tQsfvnxmGZxygBRaeb9UVggxnWzOBJZMmzcUogIhmLdufa7wstVCYxUoxMzm2n9s26EbsUGpDs8KieGEQmk51hHKSI7oS3ZQzqxU7K58h6iCFDXf-4NAVSimKcXn2yIUK9Ydft1r2JXLND-_0_vKN786UMqQX8G2O2ZkckDPE1wigfp1Q72cc6suXaC2NvdI3rgLPFk42z-nAsaB_sSt95OYu9JYus5-nI7vL0YRucblsT-5_09HFMxKGsFBuAxFCnOXF_7mpMxFuCYTKSBpGSebuZ5BoTsrDLocj4U3Ph1Sbr6rNlsGt2wox-lX5DYZ9JCms3DbK3tnT2r7BEmGlDH9-A56b_IWH9USZGicWI5Bsq2OX_-ZKH9eUFBq7vUHlApNlChCSMw3RIXZl0iVdZv2oGq9hWSEhuLkNhJ5UyxRdqW5aCjqX0dLntSJLI53uPTMI5UrAn5-noTaX4Ohrwi6CSlgmq250_QcqmyEhEEJuRD_M1QUcftxY9DcjQTIWxx4DsEm1l7kHFNG4XTkK8OhbjT1SKZjEXNhX-o4xCn3yh8P466So5KWhVZKljzJA-c3kQV3cslDjkKfK8P0it_SxGrvoSnWeU8ho2DPjrh20oN9IndJ191fpNvv3P0ZDz81K3fjRVOS9ZQjPBihQCD5WKGqIn2hlvjx5huG1kd8a_51G0m-fYX_lBVJ0mOlkD2hKgDB63VsafG6R3HqXr7W_qMV5kSTfC6XUJ5vrPhJp_p77my-sc8O4KPYPAC1LIP8y1heQq1drfzzCeKYGDgR_0fi7KRdX2Luqdjpus7ZIRYOozKmUuLuMEOAXU_KrOZn-3HjzsrV-nnUno81FTCwQreKZ8grNmBRMDkZNPdbvY3qUB4vz6lgeeMzQdpfTv9Aad0vNeaJeEnjj6A7MTcrhahdozLAMDsajjLAqaRtlmyNnQ-Zbp8tTaUaCZJTr9pmOwHq4oxBVY1N4C-L_kB6JPk-dn74M2RwoCTStDTgwu6cNelIcc8OrUmgxzNI5V0l9AL79gTDbvHLnNcGpzbzLt_RIc2bgra7aWfQPKNIgeI&cid=CAQSOwDICaaN_Y0ZdvWOdPwKxKsncRiNziMmqC8sbcOMl13jeFgCW9TDcYdAFUFn0yz4Gi4mZjyQhBaZ6VhJGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=16888647861291741000&adk=943508955&idt=210&cac=0&dtd=44

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5f30d6592491df830a946c889a05c2b8dc86310649d8d1d056ec64e629e54f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37552
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
341 B 376ms
376ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=-48&tvi50=12238&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 63
date: Mon, 25 Sep 2023 02:59:28 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59157
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230116-FRA
pragma: no-cache
server: nginx
x-timer: S1695610769.648527,VS0,VE63
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 6243 210 B
549 B 767ms
224ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

676daf1fc60db61c666eb80ffe4ad3426bf807cc368ae50a034f7ce740778120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 197
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B2C 37 KB
16 KB 436ms
436ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695603568&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695610764837&bpp=850&bdt=1987&idt=3718&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&correlator=6780929860551&frm=23&ife=1&pv=2&ga_vid=812447560.1695610762&ga_sid=1695610769&ga_hid=1681393684&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3546&biw=1600&bih=1200&isw=336&ish=280&ifk=1501350408&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922&oid=2&pvsid=2604262855037237&tmod=1999437054&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o9ikezhqzl8i&btvi=1&fsb=1&dtd=3732

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35e0964a6a1381be07a5a7ba3fa907e976dace01edc9b637095bd5d2d438eda2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15893
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:59:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
96 B 236ms
230ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230056-FRA
date: Mon, 25 Sep 2023 02:59:28 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
18 KB 726ms
140ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 23:29:48 GMT
x-content-type-options: nosniff
age: 185381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Sep 2024 23:29:48 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 703ms
118ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 04:05:52 GMT
x-content-type-options: nosniff
age: 168817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Sep 2024 04:05:52 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
551 B 159ms
159ms Image
image/svg+xml 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/ 12 KB
0 424ms
150ms Media
video/mp4 212.8.250.227
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.227 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-227.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 25 Sep 2023 02:59:29 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-17211103/17211104
Connection: keep-alive
Content-Length: 17211104

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 881ms
421ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Sep 2023 02:59:29 GMT
cache-control: no-store
server: nginx

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 80ms
79ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 765374
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1695610769.990344,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 112295

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.6/ 450 KB
85 KB 63ms
63ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.6/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6821ac1069c5b608094d5a29e749191d73518cc784c165982ca0a426a31b3e63

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1695459660
date: Mon, 25 Sep 2023 02:59:28 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: X2ZY85HQ6X8X4743
age: 151062
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1695459673
x-amz-meta-mode: 33188
content-length: 86767
x-amz-id-2: JoPZ6Wv2cVtbbQxOWqFH50ZjBnWtHlbUhGCRCsyHbukpdm7XOMc4pwvJdhMdNB7eEyZN9GbTLFw=
x-served-by: cache-fra-eddf8230056-FRA
last-modified: Sat, 23 Sep 2023 09:01:14 GMT
server: AmazonS3-br
x-timer: S1695610769.990547,VS0,VE0
etag: "76be598034c8f430ac44f5ebbcc41fe7"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 106013

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4996 422 B
507 B 340ms
339ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_2/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4c2e45664ffe6a038a8906278d1bde5487fd977c082b03893d39f792900e3de8

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 25 Sep 2023 02:59:29 GMT
machineid: 3406
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 309ms
309ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66622845&crid=6926735&dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&cmcv=&pix=31579697&cb=1695610768972&uv=3342&tms=1695610768972&su=3&abt=nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:28 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 165ms
156ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Mon, 25 Sep 2023 02:59:29 GMT
via: 1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: WAW51-P3
age: 428702
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230116-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1695610769.020154,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits: 155847

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 1919ms
1281ms Script
application/javascript 18.239.83.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-38.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:42:28 GMT
via: 1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 1027
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Eh4pDV9GFeM7692V6Xe_C6whvlnHdOU8syGYAUjiWhJg2IzrrBqWFQ==

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame B5FE 30 KB
11 KB 154ms
153ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5m7J-pt_FRmN_t_A9P282o57OkUHqUAWTb2naEe7hfntnBfBQdRF4bAMg-gFCpHn8bpPsefL2GiEriN_eQ3PxNhklpg&cry=1&dbm_d=AKAmf-BX0-v2Op8Kr14pTZcldbo58pTNWzIBRtirAwNliYU3df_6qroKHtkNK6I_gNOOAn30xHwxQN7tZQAYHIDBiXYYM0dA6ULNo4Wx-6CZ53yYlgC4GwMiCMIWDnLwa9IG80kx0GzKbJNH9PmrZwJNgFxD4r1VAeR5_KzpQXndwcQpemOjnhWmufTfOVr7bDu_b4ju25gY8DmphxasOA4QdFlwIVuOunTKwIWGEdZvkKDvpp4sPL3_PG6b4NtAvTCStrGNkpw68RBKNtARFq7vdq90FafFlK7Qv7manzlIj3vfHHVE_4AiR9Mb_n1eeSjbq4TU2iTvUeteo7mPgBEz05RcyxJpYa6bWHSe1azMj6RhPDFMFoO1fepC5Q3sp5DdqItv_RhpFh8xB6iyoIGanYxH5agvQM8y1Rkq_SAMTmeisCiHx-MpaZ_F7QhSRXp0hvpDZdAptCC-S-0hDYBGoUSL7RZeTpUtOJzPVsaufUHUKk3CWuXDYOh3v6P5JfvklVQbaZIggUGqWvSsQ_ab_0Ai58YqgjJlAdPBbn7UPa1fygYwaR6CLNOjcU-WqiTq6tXBHsbmIpYaAbD6fM920qun1iOc0INMUb4hhpl_QhmTOFe0aeEAEGco_lKm8qkSonbdszNN8Cmz2uB08FnjhyHkpk8_MMVrrWMdysyoh3onYDJCI73yjA8_Ekqfy4E1XKxId1AfgGXkX_MOCTzGtUHo8yizTBsFcB4qB61-8VgnjQLa1BOKkszZW4A7hY4DL5N8w89-YYUoAHyne_qfCKzfEYtyUksw-R5NRq9jRIC33dAKXdSOYbd0Xf0hTn0I1EN_L_Mn8l92QuLgKQvhDhMR9pU4qpqLdfLftcySyxMYSiT_zJhvvnNZ_6ZMnyVuZLD6G9tPgRgtvs_NsLJ5RCZnt-Q2akY4-Yxjq5K8jtxLKircKbmJTdei6M49R-3giWSH9_f5sfmTdosRzNbc2K6FVo6NaKSXn6gxj03OiHP7bAX1aRry7cxqGhgvt8M6JCQ40W-7qnbhPNg2ZzkCUTBs3Wg77TCTy-4jpMqa5O_8b6SBtNepejGJYQuIIF3kS_yCa4z7_oumHMZReGaj5R7HQI8Oh7rBaa2kk7Adlu2Pmh3dpoV-Y_cfnEo71UPDp2WBxrd6Vp8zigyNwa8gqq4PVza7zp6ewOKcn_GbxpYX0xlMeEnrMTAoqysDaBTahw7JS0Hy5WwUrQ9UIpx2lkDptTPFWdhxUkGHf84fBQKYtTGVA5GbkxcIz9w6jpgspvACfJ7MVEqdpRoSh1WfvVBKrpCNTUu8IH2DTDO88-xCM7_Z5ZvYKin5or3HEJCl_-fIRvyOsydvGz-pIMrJQMao3AANWe6ecw3DHSx06f-Y82asZbP5XgcNmGCuGZCq-0AJDWhXUZLKABWtP__paOSHoPfr2ZfmC9rsKbh9vc9O88tN5L2NBdPL1RcUYT_l9p5cXA9J3kbs2dgCr6cuNl0Ji8qV46Xm7SbwI5Vi3rt11gJFk9IFCm2le8QMisuPDmGRv2BR06tNRkGuIgZ6ynQYar9oV1vendKzpwEu5HqdPo8LQSKT2PormqXpAf6ADHpN67uf2mUGYlRX4yKD54K6_Iku9hxTaYU37Qfu6bwTYf-U1IxJd05QGZjlXiVyHQaUfD6Me2j79L_7epmxpjqSQf8_Q97DVLgil8z5MtWg_EBR5-b44qGW7RrgxLWGWmLPFxUk5sWq-giCrv56Z5sF9fQkG99Eu5Hh5GPi4ORuyPUndj7jfuB2w7GfwDZYSU7Qva5qzyd49cYiCQ2gcD0X44g3ETyFw-zHZyoXfAnUubJnWJiY43pXn9dVkrS9ql-cpIrlMxf8_jZrXR-n1Z81YkZ7Y1eb0txgGv9VcjRY17nCLv7A8kMXmOEqbEZ6YAlZ3yq6lhdLhVghSv1RxMDL4JUQldQQgzVOqt6vt1-sTvf4dmR89UIJoaED0WSt9RbN4gHavMdajKf3AWpAmvJs8i82BrLNkd8hOkI_l4R0Mk1WNEd857Tg5c-x5HKviTtpfkLPJSowdGBG1ynMmI9dQbH9X39CAzoHHk4fISmPinkFvOngRKG5efwF3gGxhz3wQBksr-s5ltOY4aurMqiHVuuPR2IqFgLn5v6_aIIxH1oXu0o6tgOyJ3-KqQ2Roibxharfz66BWztrgj6fuh39wFN2Yw-SY1P4aPtYmYg8Zl3kJGg21p3B7HA4wYHVR0zVF1vG0boFBwJ3KMTAm9V8ry1r4cmqXEk1dg-vX_NqVwDLhmINbBj13_49c0nsbn1KTN0Zxu_i_B8WanYjTrbbI6Y2aZ7sKlffHCh26frziFICneb-N6lh7MoVAnvIvfiIKw3h9V31W5E2M2uMN58sEC8n4Vs7-91mhMVFZ0-4rHnVJ7hEKaLu90BIX1Ux5SX-SCtn-tIKPAnHtPIipY-GDYGv_RKGTf8ZkbrC3L3-Gn-HaIAbwXCkoJ_zg71h6f1HGVi-LfXP7vnjQ-FPW11fdCX0crrn_trPKq2h7QVtk2CDvQj2k9ayofaavUrnEjkdH0JzXbuiWLgfQ_pRMaEStDz_L9GQhfpYyk0YmIxhr_gorLa6yr71AGSOHXbdzHpNOc_DXA8JzNpT88r4ODAVcJBqINIHkiGXyG0vgcNJ_ikjeW_peQapypNWsNYEjAwPb1rqlSR3FW5IW_8vOPgWcYlJ6CdVZ8jP2W8jrqSTwbNRYls4tPjRAvw2-t-tkNN4WhixZNb8nSvb6cFEQ3TEOodTIuTn3Bkg_5ntHBOK80C9vpErkK_-20boOYDDV8E7tQsfvnxmGZxygBRaeb9UVggxnWzOBJZMmzcUogIhmLdufa7wstVCYxUoxMzm2n9s26EbsUGpDs8KieGEQmk51hHKSI7oS3ZQzqxU7K58h6iCFDXf-4NAVSimKcXn2yIUK9Ydft1r2JXLND-_0_vKN786UMqQX8G2O2ZkckDPE1wigfp1Q72cc6suXaC2NvdI3rgLPFk42z-nAsaB_sSt95OYu9JYus5-nI7vL0YRucblsT-5_09HFMxKGsFBuAxFCnOXF_7mpMxFuCYTKSBpGSebuZ5BoTsrDLocj4U3Ph1Sbr6rNlsGt2wox-lX5DYZ9JCms3DbK3tnT2r7BEmGlDH9-A56b_IWH9USZGicWI5Bsq2OX_-ZKH9eUFBq7vUHlApNlChCSMw3RIXZl0iVdZv2oGq9hWSEhuLkNhJ5UyxRdqW5aCjqX0dLntSJLI53uPTMI5UrAn5-noTaX4Ohrwi6CSlgmq250_QcqmyEhEEJuRD_M1QUcftxY9DcjQTIWxx4DsEm1l7kHFNG4XTkK8OhbjT1SKZjEXNhX-o4xCn3yh8P466So5KWhVZKljzJA-c3kQV3cslDjkKfK8P0it_SxGrvoSnWeU8ho2DPjrh20oN9IndJ191fpNvv3P0ZDz81K3fjRVOS9ZQjPBihQCD5WKGqIn2hlvjx5huG1kd8a_51G0m-fYX_lBVJ0mOlkD2hKgDB63VsafG6R3HqXr7W_qMV5kSTfC6XUJ5vrPhJp_p77my-sc8O4KPYPAC1LIP8y1heQq1drfzzCeKYGDgR_0fi7KRdX2Luqdjpus7ZIRYOozKmUuLuMEOAXU_KrOZn-3HjzsrV-nnUno81FTCwQreKZ8grNmBRMDkZNPdbvY3qUB4vz6lgeeMzQdpfTv9Aad0vNeaJeEnjj6A7MTcrhahdozLAMDsajjLAqaRtlmyNnQ-Zbp8tTaUaCZJTr9pmOwHq4oxBVY1N4C-L_kB6JPk-dn74M2RwoCTStDTgwu6cNelIcc8OrUmgxzNI5V0l9AL79gTDbvHLnNcGpzbzLt_RIc2bgra7aWfQPKNIgeI&cid=CAQSOwDICaaN_Y0ZdvWOdPwKxKsncRiNziMmqC8sbcOMl13jeFgCW9TDcYdAFUFn0yz4Gi4mZjyQhBaZ6VhJGAE&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=16888647861291741000&adk=943508955&idt=210&cac=0&dtd=44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:53:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11587
x-xss-protection: 0
server: cafe
etag: 192838463742493612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 21:53:43 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/ Frame B5FE 11 KB
4 KB 159ms
159ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230920/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 21:53:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 21:53:43 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B5FE 0
0 399ms
142ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvShZOqTHKYNpL44DDpzzL09ZqwMmZTNYVvppBGlFJE9aggJ7zm93q7cZaLKXnHJY2WIbXf5I9UX63u-Q9RclGlcev-nK_bx5KxlHJzdFw1wQt2paVCHpWbUlvhqEIE5SuNA1KUVqH95hQT3QPhA3V7-JUXLuD7ighfRpJ77JuO6fw46UsjBidqyu_vF5uygPaJ-utyaVtDDjP1mZEVU_XqmJlDdPT7NIhIs-qHAzT5yKbOtBzp-kkZ1Y-KuxV5XU0O8bV-G2Y5070Ur8tdWCKFyhplVWRqa2c2Eqc0vOek-AfE-DE9AOQFSJ2-ZjLxwIpA16gecKWW4gT-2VWQitDIa0lOGny_mZtVPfb10s1JR4Q5HEGp87Z7dzVIFgqDSZkdividtquXCsForzLXOb_YH_tKRTppsx4UygMpLsX00KaQ4CUHUxxnn_tKRrr1R8ncDXJUa2NQRyb_b-nBoMQG0R-5IxCfyUNFFGN3d4wNo-G3umKP0hKuJ_7gqBkspRjZjwgcRlg89Gr9U7enYuvHLdbJwQgptjeG9C151adqIaXbgWOtPBBJGyVAlStcbIRlQBREZp5_Y1GVf-ZC4I9BX4IIVr5rh-6sJBQEJBHzEV1sDiKZv1fLrU92J3xX5Wvw_-J3pW4q5DsIsXhKu4YAypDeLUCiqVcYsAWb_LaPqhFKz4rbFOr9lzNEYhlJNAzuu0mlK1eCr8Ci9854ZYx-V00fLt3U1YofghFusRS35OsrviRtk8JLDeA-VaOYQl5IJtOPfn_v9NG_xdVBRkc3cAm8GHKoYjzq5INA4E5q-BOdHBDz-r0Lh6D5f9flkK4qTCyTNYl_g6XJSsTLc51g_YZGdk8Drh2IsAuCHW3-zlRJQxXkRt_bcOSya8QoOIvN4NLO99uWqtKg1AiGsupp_a8fjKfJQgyMowhlB-l1PUczeMd86YbN5YbrqVmbIXhIz1j4KNNJzk0509yn8mDMefgLdSJpTABL3TdBGqNAj-ggAH3q96pb162kSRwdtzctwPoa17IP8ttpnD660s9DvWlh5wg8xRuBOgVR06FsZdNSS9Vy9nYPlYddzJQI7ZaZ8r-k0eOV5KWMjm_gGPyvFieUoV8B_KkVXU0sGI_6Zw8qnHtNR_A4kwKg6ukk85rl00cJ_hLbtesr4EHUvzKC_QdfwtLmAQXfCbuhgGeU64W7fjnENXuX2_It_N_kH3_7xmGovT1ldo924sL__hjOSor5LT4qdgfSSFdOkRuaA9NjCPTNaCQ5vZYKT-JyxgP0SUiCdYTrtrlY4Q1VlfDPa28DUZYqfIy00IZOXD-mVKBreIaPn4uzDjym9dRHqMWy_ll1VcRcRzGRGXobk3TKZ-cxFEkJKwH8hOf-Wc92e0RGiMsGI8rqddzbuYo2_91tITMqlaCXTgRjHEBT4s0&sai=AMfl-YTGvh2FiF9VN3sDrlMfSzarD01sOWbjCNq4fk1xmih9CPYu5QA0_HBj0JdIJRiPFGTA_5N-d2yiKt7IC7hJ_5sQckGCUHyP7TNjlhfcoN_hmqNEZu9BI-mkgu__jbgMRa-zHahu4T2FHDCgIVtOXxywVTOCjUDWq3kTWZ9S6AEG8jPoAZtGPLj_A7M7HcPZJkprzTdxVQxFGEkpHqit_bDhLfqx8OQqd4iB1i1svh56N3AZK-s3boSGcFSk_QbeLcoF&sig=Cg0ArKJSzNs5k0UCDJEKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230920.62922&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 02:59:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:29 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B5FE 41 KB
14 KB 150ms
149ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 23:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 357617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2024 23:39:12 GMT

GET
H2 200 9137444777485307675
s0.2mdn.net/simgad/ Frame B5FE 88 KB
88 KB 152ms
152ms Image
image/gif 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/9137444777485307675

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

4c11c274929b4d0de6bfb84da76cecd0415020ae137ebfbebcd5c63e03396497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:26:41 GMT
x-content-type-options: nosniff
age: 275568
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89859
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 10:53:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Sep 2024 22:26:41 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5C3C 1 KB
738 B 244ms
243ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:28:53 GMT
etag: 48472445140208031
expires: Tue, 26 Sep 2023 02:28:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B5FE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becb140d5d9ad8ecfe2b8b211d97d73d57a62f73aab3d6914bf483579c14360e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A52D 52 KB
20 KB 1972ms
351ms Document
text/html 178.250.7.4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRD3kAAKjggFkVaSAA0p8nRnV2pODclRJ9V21w&u=%7C%2F1QK3loR%2FNxuUZb3k6wjnhAcZt91r1UtohEQ8caa368%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwWFGi6Cf7dYmupCZ2KqtU-p_t_D_dnGKU7IEdER8-2lEDdN-FOLaexjZBcbPylEfe-a_KRRjPCB26pEg8kIrRcPNRWyWrA8OOIEZr7IkoUFHhkj_Cbof-5_5xp3XQQHSpzQed1jVR9WaZJ2kxK7k4zrC6ZhbOM9KSkvsArepaomdFeKvcR6Z4A8wyvSz7TLbLk1HoHH5S8qnKlDdrGqAYI02M3UZV2FHxTMYlAVBfP5rbgoeOwVpvxLSuGVT1TW7ipsMSqddG_KICQVfkgjP2Obt_P5g1Pz3AKUDwBjUG-3ySMT6zxYA7zVJNytT2PjN2UUDBGMG6BZI98IEdfOop6LuyZ_iAWX6oWQGFrb_pSHNc8UpEjXgyzGzkNymKGiW7YtlRZ2XYOmjP1eTjLxagjxL2rJl8F0fBeb5esisXsn6D7DFANpaNXlTW72Bbeuhp6JmaCxNglaYlLg5qPCEQ04rX1Dt26H6p2oeG7gOgECOBJK8xlXgl4VI-dToEweqQKqmYziWGbTblnMmkixDbTQeUpnEmLQx-BulidTFtQMJtk6A47P8rpq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJWVHkPcQZYicKpKtxdwP8tO0YMme0rFc1Z2R93DAjbcBEAEgAGD1tcqB4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCYTFGH3HfsT6oAwHIAwKqBLoCT9C7Vxm4sfW7KyKwLaxZjuIHBRwjLDfGCuhXOYS5mI-FMafEd68_eKw4cSRRX0nBjg3DMeyM1PazZdm_dp6YUHG5bNZLTCzWYuzkABe35rJ0bTJ706AGaSBOnlWGCX23iqbI2hS7xkGGcINeE3y_81X8twEHFx6CaQQJncq47TRDPiGxFHUOzfoyBVgcvlBQeQ2MemhpkFGgj-zQv-_vKd8DWFE5LKmK_UMnFKAmLSNYKJJbs8fPjmQqVhmw34a1a577hk-vRk9HpogXvNEAhHtFZLYSZKhTliu0iIJyZU4C1urWrAT6scABiAx1JsQehfFlB3IPwfceww8rPXDDerhkAYnGi0ByPkoLB9yz9SygHikmyAUPEGlCD5JBYP6bs4lTvjkTFL35MRFZJXcPJI5kRMyfRoMnyeaABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OZ0yQR7bqEDHyKAFKSujBpURVrA%26client%3Dca-pub-4485239425924787%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695603568&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695610764837&bpp=850&bdt=1987&idt=3718&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&correlator=6780929860551&frm=23&ife=1&pv=2&ga_vid=812447560.1695610762&ga_sid=1695610769&ga_hid=1681393684&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3546&biw=1600&bih=1200&isw=336&ish=280&ifk=1501350408&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922&oid=2&pvsid=2604262855037237&tmod=1999437054&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o9ikezhqzl8i&btvi=1&fsb=1&dtd=3732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a4234d4622442efaebe4d80e3b964aa701b1ae8ddf20177b9ed37ba723e4db62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:59:30 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7N_UBSFuWSg7HfRBe6bwZeP5RlozrmHkRecrEjdyzHY11G2xB7K_zt0oXTZTutNjE7yTiT6V0z1F2PYWcul_c3dqwhbSi9xLmtpLSEwUw6QWhkhuMRLurBzfddCgyY1yTep4JniNxdL1typvxgZGNuE5pMG1Ai2ea8Klsvbg1PKMAkYkgymH4zWHH6G6NDYt5G7xKqdS3FHZ7rGHdhwyP8FA1aRG_kZjUSSN1ILCcXC_eruQ-StZxsC26XBa04Ag69smDQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 2491320
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 0B2C 3 KB
1 KB 136ms
135ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 16:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 16:33:53 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D4F7 1 KB
677 B 207ms
206ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1836
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:28:53 GMT
etag: 48472445140208031
expires: Tue, 26 Sep 2023 02:28:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 0B2C 20 KB
8 KB 130ms
130ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 12:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:26:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0B2C 0
0 130ms
129ms Image
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLLNRIWU8HvTIzcQISOrrMvVfJ36WMGe8LgSAzEaD5lJTv5AUhuMozkpV84Z152fkaURjCCptUE4fhyQ2_QDb5CjwTyg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695603568&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695610764837&bpp=850&bdt=1987&idt=3718&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&correlator=6780929860551&frm=23&ife=1&pv=2&ga_vid=812447560.1695610762&ga_sid=1695610769&ga_hid=1681393684&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3546&biw=1600&bih=1200&isw=336&ish=280&ifk=1501350408&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922&oid=2&pvsid=2604262855037237&tmod=1999437054&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o9ikezhqzl8i&btvi=1&fsb=1&dtd=3732
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B2C 182 KB
57 KB 144ms
143ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58105
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695209545430561"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 02:59:29 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 1699ms
230ms Script
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 02:59:30 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/ 232 KB
232 KB 1771ms
1441ms Media
video/mp4 212.8.250.227
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.227 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-227.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=16973824-

Response headers

Date: Mon, 25 Sep 2023 02:59:30 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 16973824-17211103/17211104
Connection: keep-alive
Content-Length: 237280

GET 480_650.mp4
cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/ 0
0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A963 38 KB
13 KB 209ms
208ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 578003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Sep 2023 10:26:06 GMT
expires: Tue, 17 Sep 2024 10:26:06 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0B2C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1161b35335fc9b079741e0afbe73a3b99d7493d96febabaf6290733980be07e2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5C3C 43 B
363 B 1264ms
641ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQqHhhQuIScalYfsGmh0ZlHoeIilT6zJXf8SANEqelvwtQgOQx-jLtxqgxDYwfPgZjrNxRQMtOVsICZ_acBZnrqZy661c8Jgw&google_gid=CAESEC7ogog-i7JxpObWY3X-6S0&google_cver=1

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:29 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 200987
expires: Mon, 25 Sep 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C3C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBXKwWDAdn8pfKtM-gMEh1E&google_cver=1&google_push=AXcoOmTwHvOxQUm9fs-QY_g1mlJagQRkXKxNEZoCo9E7ExQTGE4uPhTWNaW6TuKj8LBTxb7ZSMyFdGyO...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBXKwWDAdn8pfKtM-gMEh1E&google_cver=1&google_push=AXcoOmTwHvOxQUm9fs-QY_g1mlJagQRkXKxNEZoCo9E7ExQTGE4uPhTWNaW6TuKj8LBTxb7ZSMy...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ5OTk3NzMxNzU0NTE0MjM5NA&google_push=AXcoOmTwHvOxQUm9fs-QY_g1mlJagQRkXKxNEZoCo9E7ExQTGE4uPhTWNaW6TuKj8LBTxb7ZSMyFdG...

170 B
188 B

1402ms
1401ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ5OTk3NzMxNzU0NTE0MjM5NA&google_push=AXcoOmTwHvOxQUm9fs-QY_g1mlJagQRkXKxNEZoCo9E7ExQTGE4uPhTWNaW6TuKj8LBTxb7ZSMyFdGyOd9EDFGNdkL6IL4AXslN1

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ5OTk3NzMxNzU0NTE0MjM5NA&google_push=AXcoOmTwHvOxQUm9fs-QY_g1mlJagQRkXKxNEZoCo9E7ExQTGE4uPhTWNaW6TuKj8LBTxb7ZSMyFdGyOd9EDFGNdkL6IL4AXslN1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C3C
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEAh6VjOW2O-IKKMZhjLcI1o&google_cver=1&google_push=AXcoOmS9aojiNKsXqfd_2nVG-0N0kwU9Kr2WgzR3BS5hgftyTpLLPESEHP-GzPKH0P6WDhIKWcLS94pOVHOFpcehUB990CFqMecfnA
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS9aojiNKsXqfd_2nVG-0N0kwU9Kr2WgzR3BS5hgftyTpLLPESEHP-GzPKH0P6WDhIKWcLS94pOVHOFpcehUB990CFqMecfnA&google_hm=M1J4U1FWVjg4MFZTMV...

170 B
188 B

853ms
853ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS9aojiNKsXqfd_2nVG-0N0kwU9Kr2WgzR3BS5hgftyTpLLPESEHP-GzPKH0P6WDhIKWcLS94pOVHOFpcehUB990CFqMecfnA&google_hm=M1J4U1FWVjg4MFZTMVphTW9WdHM=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS9aojiNKsXqfd_2nVG-0N0kwU9Kr2WgzR3BS5hgftyTpLLPESEHP-GzPKH0P6WDhIKWcLS94pOVHOFpcehUB990CFqMecfnA&google_hm=M1J4U1FWVjg4MFZTMVphTW9WdHM=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C3C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTpVHlr9M6Tckv7-Pwoy9HczMebTQkbmdF-kNRgdPSbM8a74f7VPISs6yxG0vRDSbxkYEIJXjUBcnUapMPXiEdbZnrFYTT3xg&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTpVHlr9M6Tckv7-Pwoy...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTpVHlr9M6Tckv7-Pwoy9HczMebTQkbmdF-kNRgdPSbM8a74f7VPISs6yxG0vRDSbxkYEIJXjUBcnUapMPXiEdbZnrFYTT3xg&google_hm=A7O3AzsJw0SDsDXFs9_Jq1k

170 B
188 B

2211ms
2210ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTpVHlr9M6Tckv7-Pwoy9HczMebTQkbmdF-kNRgdPSbM8a74f7VPISs6yxG0vRDSbxkYEIJXjUBcnUapMPXiEdbZnrFYTT3xg&google_hm=A7O3AzsJw0SDsDXFs9_Jq1k

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTpVHlr9M6Tckv7-Pwoy9HczMebTQkbmdF-kNRgdPSbM8a74f7VPISs6yxG0vRDSbxkYEIJXjUBcnUapMPXiEdbZnrFYTT3xg&google_hm=A7O3AzsJw0SDsDXFs9_Jq1k
date: Mon, 25 Sep 2023 02:59:32 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb3b7033b09c34483b035c5b3dfc9ab59003
content-type: text/html

GET
H/1.1 200
OK pub
cs.chocolateplatform.com/ Frame 5C3C 0
134 B 4182ms
957ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEPJqyslaJZ_2I5UkwYt6UVU&google_cver=1&google_push=AXcoOmQ_P3dnjblKduQbybkwgJu2fuRtqiuJ2g3m-byERkBR3Bcjh5QG4eSudDxh5m6HIZwk3aoX3O94_9yYdXfiKjOMRD4s7xEHeA
Requested by: Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: CookieSync Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Sep 2023 02:59:32 GMT
server: CookieSync Server
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C3C
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEIISrObqOIHe1433Zd1di44&google_cver=1&google_push=AXcoOmQRfPh7M0DYTJlagsd3CBCwF5DB2fNmihPDU340_cQSlumyRDwSIo8nwk6gqb3Ii4PMR2hVo9s4dGRqY5o7pyhf7qi...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQRfPh7M0DYTJlagsd3CBCwF5DB2fNmihPDU340_cQSlumyRDwSIo8nwk6gqb3Ii4PMR2hVo9s4dGRqY5o7pyhf7qi-TLDGyw&google_hm=NTE0MjMzN...

170 B
188 B

670ms
670ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQRfPh7M0DYTJlagsd3CBCwF5DB2fNmihPDU340_cQSlumyRDwSIo8nwk6gqb3Ii4PMR2hVo9s4dGRqY5o7pyhf7qi-TLDGyw&google_hm=NTE0MjMzNjcyNTQxMjQ1MDQwMA==

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQRfPh7M0DYTJlagsd3CBCwF5DB2fNmihPDU340_cQSlumyRDwSIo8nwk6gqb3Ii4PMR2hVo9s4dGRqY5o7pyhf7qi-TLDGyw&google_hm=NTE0MjMzNjcyNTQxMjQ1MDQwMA==
Date: Mon, 25 Sep 2023 02:59:30 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C3C
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEFk1uHxWUH-V4Tl81hhz9Mk&google_cver=1&google_push=AXcoOmT0J65KG-pp5lnq6O5WbENIra-lXvQPDeaTP2rTWlrKYq6VcH7gqKFXl67UGgwktZRQ9xbvCm_rUjlYgnJ7Jkh3uCUrr...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT0J65KG-pp5lnq6O5WbENIra-lXvQPDeaTP2rTWlrKYq6VcH7gqKFXl67UGgwktZRQ9xbvCm_rUjlYgnJ7Jkh3uCUrrgPU-mI&google_hm=f34e9699b96...

170 B
188 B

1176ms
1175ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT0J65KG-pp5lnq6O5WbENIra-lXvQPDeaTP2rTWlrKYq6VcH7gqKFXl67UGgwktZRQ9xbvCm_rUjlYgnJ7Jkh3uCUrrgPU-mI&google_hm=f34e9699b96dc12c16kdxa00lmyavgcf

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmT0J65KG-pp5lnq6O5WbENIra-lXvQPDeaTP2rTWlrKYq6VcH7gqKFXl67UGgwktZRQ9xbvCm_rUjlYgnJ7Jkh3uCUrrgPU-mI&google_hm=f34e9699b96dc12c16kdxa00lmyavgcf
date: Mon, 25 Sep 2023 02:59:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5C3C 0
12 B 133ms
131ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2ngWAOeQ8Yqvb3VQp32pevuRJsosAUWBcWvOR3OHiugnvi1JjsiU7tkOodU2QHjDipAs2eKc

Requested by

Host: 9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com
URL: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame D4F7 35 B
462 B 140ms
126ms Image
image/gif 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAo6qiZ-kg9qoWfdFfGG6dQ&google_cver=1&google_push=AXcoOmQILbDksqGZg50wyNgyTn6KL2z5TcTF0Qz5pjpseyqtNL16ekTyg8uDUYuzJqip0OLM8_Qz9C74KEk4S0wKiyW5NXFr7bQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D4F7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAeJgmpJteHu9WHMI8Ilk4k&google_cver=1&google_push=AXcoOmQ3t6FdY-ccec76yYe-q2q1DH5H3ZYBo6DrkxThhAQYDAdqLbRLl8JXKKNkvUkXKNXyzeiHcCpQBvqlLCIFp78-M6tlSao&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAeJgmpJteHu9WHMI8Ilk4k&google_cver=1&google_push=AXcoOmQ3t6FdY-ccec76yYe-q2q1DH5H3ZYBo6DrkxThhAQYDAdqLbRLl8JXKKNkvUkXKNXyzeiHcCpQBvqlLCIFp78-M6tlSao...

43 B
453 B

497ms
488ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAeJgmpJteHu9WHMI8Ilk4k&google_cver=1&google_push=AXcoOmQ3t6FdY-ccec76yYe-q2q1DH5H3ZYBo6DrkxThhAQYDAdqLbRLl8JXKKNkvUkXKNXyzeiHcCpQBvqlLCIFp78-M6tlSao&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ3t6FdY-ccec76yYe-q2q1DH5H3ZYBo6DrkxThhAQYDAdqLbRLl8JXKKNkvUkXKNXyzeiHcCpQBvqlLCIFp78-M6tlSao%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695603568&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695610764837&bpp=850&bdt=1987&idt=3718&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&correlator=6780929860551&frm=23&ife=1&pv=2&ga_vid=812447560.1695610762&ga_sid=1695610769&ga_hid=1681393684&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3546&biw=1600&bih=1200&isw=336&ish=280&ifk=1501350408&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922&oid=2&pvsid=2604262855037237&tmod=1999437054&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o9ikezhqzl8i&btvi=1&fsb=1&dtd=3732
Protocol: H2
Server: 104.18.25.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 80c002f81f580211-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:30 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 235
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAeJgmpJteHu9WHMI8Ilk4k&google_cver=1&google_push=AXcoOmQ3t6FdY-ccec76yYe-q2q1DH5H3ZYBo6DrkxThhAQYDAdqLbRLl8JXKKNkvUkXKNXyzeiHcCpQBvqlLCIFp78-M6tlSao&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ3t6FdY-ccec76yYe-q2q1DH5H3ZYBo6DrkxThhAQYDAdqLbRLl8JXKKNkvUkXKNXyzeiHcCpQBvqlLCIFp78-M6tlSao%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 80c002f4dd210211-ZRH
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4F7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENBRstC-JOjmR6NPBXXhmCA&google_cver=1&google_push=AXcoOmSVUSU4vx1S6qDxPPGSSANhGVNWtp8v4aDbrNt-Sx-8YB8jXs36LHTwTB_HmHNJkmXFXi6STJSqDaHseuG...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=J0XTRd__XixJf2QPcFUibx8KmgA&google_push=AXcoOmSVUSU4vx1S6qDxPPGSSANhGVNWtp8v4aDbrNt-Sx-8YB8jXs36LHTwTB_HmHNJkmXFXi6STJSqDaHseu...

170 B
188 B

1050ms
1049ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=J0XTRd__XixJf2QPcFUibx8KmgA&google_push=AXcoOmSVUSU4vx1S6qDxPPGSSANhGVNWtp8v4aDbrNt-Sx-8YB8jXs36LHTwTB_HmHNJkmXFXi6STJSqDaHseuGF8bLpdnzneMw

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=J0XTRd__XixJf2QPcFUibx8KmgA&google_push=AXcoOmSVUSU4vx1S6qDxPPGSSANhGVNWtp8v4aDbrNt-Sx-8YB8jXs36LHTwTB_HmHNJkmXFXi6STJSqDaHseuGF8bLpdnzneMw
Date: Mon, 25 Sep 2023 02:59:31 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4F7
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENgvd4o93HkOtxLSeRD41Co&google_cver=1&google_push=AXcoOmQ60_PlDYy0qh9rmTCbbcABr7011WFePBdYjHI5MbIywGlG9tPlFtfkLKLfwVVMP6qvHpHHRLEo7-a2vaoyZ...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENgvd4o93HkOtxLSeRD41Co&google_cver=1&google_push=AXcoOmQ60_PlDYy0qh9rmTCbbcABr7011WFePBdYjHI5MbIywGlG9tPlFtfkLKLfwVVMP6qvHpHHRLEo7-a2vaoyZ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ60_PlDYy0qh9rmTCbbcABr7011WFePBdYjHI5MbIywGlG9tPlFtfkLKLfwVVMP6qvHpHHRLEo7-a2vaoyZbYQvheSnw&google_hm=HYMTuGZHaiMADsI2QaO2ipHr

170 B
188 B

194ms
193ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ60_PlDYy0qh9rmTCbbcABr7011WFePBdYjHI5MbIywGlG9tPlFtfkLKLfwVVMP6qvHpHHRLEo7-a2vaoyZbYQvheSnw&google_hm=HYMTuGZHaiMADsI2QaO2ipHr

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 25 Sep 2023 02:59:34 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ60_PlDYy0qh9rmTCbbcABr7011WFePBdYjHI5MbIywGlG9tPlFtfkLKLfwVVMP6qvHpHHRLEo7-a2vaoyZbYQvheSnw&google_hm=HYMTuGZHaiMADsI2QaO2ipHr
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4F7
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEEFr4MyUKgQnRnnGPsyBSqY&google_cver=1&google_push=AXcoOmQksCpL2wXEETaSrw1JeOc4C4SCyW_UU4h3FCaAy46-MplApLQrcgMAmUFIV45aJ_b7JBCnIi9dse0Gcl2lKj-ayv...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEFr4MyUKgQnRnnGPsyBSqY&google_cver=1&google_push=AXcoOmQksCpL2wXEETaSrw1JeOc4C4SCyW_UU4h3FCaAy46-MplApLQrcgMAmUFIV45aJ_b7JBCnIi9dse0Gcl2l...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=LJk9_HevS06Ec1mPTOpbmA&google_push=AXcoOmQksCpL2wXEETaSrw1JeOc4C4SCyW_UU4h3FCaAy46-MplApLQrcgMAmUFIV45aJ_b7JBCnIi9dse0Gcl2...

170 B
188 B

238ms
238ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=LJk9_HevS06Ec1mPTOpbmA&google_push=AXcoOmQksCpL2wXEETaSrw1JeOc4C4SCyW_UU4h3FCaAy46-MplApLQrcgMAmUFIV45aJ_b7JBCnIi9dse0Gcl2lKj-ayvL8-Z4

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=LJk9_HevS06Ec1mPTOpbmA&google_push=AXcoOmQksCpL2wXEETaSrw1JeOc4C4SCyW_UU4h3FCaAy46-MplApLQrcgMAmUFIV45aJ_b7JBCnIi9dse0Gcl2lKj-ayvL8-Z4
access-control-allow-origin: *
date: Mon, 25 Sep 2023 02:59:31 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D4F7
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGRqpDwKP_VCa_LWk4AEM0s&google_cver=1&google_push=AXcoOmTZpJ1Kp5qwxvrYoKXgzKvszv-dcNJ_hV7BXxCdM02yegCeyO4RthvUyQiX20oGmhF2dgluQw...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTZpJ1Kp5qwxvrYoKXgzKvszv-dcNJ_hV7BXxCdM02yegCeyO4RthvUyQiX20oGmhF2dgluQwECcLUKblpEitXq2_zfcEE&google_hm=NzQ0MDY3ODQ...

170 B
188 B

651ms
650ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTZpJ1Kp5qwxvrYoKXgzKvszv-dcNJ_hV7BXxCdM02yegCeyO4RthvUyQiX20oGmhF2dgluQwECcLUKblpEitXq2_zfcEE&google_hm=NzQ0MDY3ODQyMTU3NTk5NjE5Nw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTZpJ1Kp5qwxvrYoKXgzKvszv-dcNJ_hV7BXxCdM02yegCeyO4RthvUyQiX20oGmhF2dgluQwECcLUKblpEitXq2_zfcEE&google_hm=NzQ0MDY3ODQyMTU3NTk5NjE5Nw%3D%3D
date: Mon, 25 Sep 2023 02:59:30 GMT
content-length: 0

GET google
sync-dmp.aura-dsp.com/match/ Frame D4F7 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D4F7 0
12 B 121ms
110ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1XTZ9KlQZiruIgHD1TpfIPPt2ZGotQgEKL7q-MFpGi0hM2XmLjA0gAfxUAM-rjCW5ZdIKMQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B5FE 0
0 247ms
244ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvShZOqTHKYNpL44DDpzzL09ZqwMmZTNYVvppBGlFJE9aggJ7zm93q7cZaLKXnHJY2WIbXf5I9UX63u-Q9RclGlcev-nK_bx5KxlHJzdFw1wQt2paVCHpWbUlvhqEIE5SuNA1KUVqH95hQT3QPhA3V7-JUXLuD7ighfRpJ77JuO6fw46UsjBidqyu_vF5uygPaJ-utyaVtDDjP1mZEVU_XqmJlDdPT7NIhIs-qHAzT5yKbOtBzp-kkZ1Y-KuxV5XU0O8bV-G2Y5070Ur8tdWCKFyhplVWRqa2c2Eqc0vOek-AfE-DE9AOQFSJ2-ZjLxwIpA16gecKWW4gT-2VWQitDIa0lOGny_mZtVPfb10s1JR4Q5HEGp87Z7dzVIFgqDSZkdividtquXCsForzLXOb_YH_tKRTppsx4UygMpLsX00KaQ4CUHUxxnn_tKRrr1R8ncDXJUa2NQRyb_b-nBoMQG0R-5IxCfyUNFFGN3d4wNo-G3umKP0hKuJ_7gqBkspRjZjwgcRlg89Gr9U7enYuvHLdbJwQgptjeG9C151adqIaXbgWOtPBBJGyVAlStcbIRlQBREZp5_Y1GVf-ZC4I9BX4IIVr5rh-6sJBQEJBHzEV1sDiKZv1fLrU92J3xX5Wvw_-J3pW4q5DsIsXhKu4YAypDeLUCiqVcYsAWb_LaPqhFKz4rbFOr9lzNEYhlJNAzuu0mlK1eCr8Ci9854ZYx-V00fLt3U1YofghFusRS35OsrviRtk8JLDeA-VaOYQl5IJtOPfn_v9NG_xdVBRkc3cAm8GHKoYjzq5INA4E5q-BOdHBDz-r0Lh6D5f9flkK4qTCyTNYl_g6XJSsTLc51g_YZGdk8Drh2IsAuCHW3-zlRJQxXkRt_bcOSya8QoOIvN4NLO99uWqtKg1AiGsupp_a8fjKfJQgyMowhlB-l1PUczeMd86YbN5YbrqVmbIXhIz1j4KNNJzk0509yn8mDMefgLdSJpTABL3TdBGqNAj-ggAH3q96pb162kSRwdtzctwPoa17IP8ttpnD660s9DvWlh5wg8xRuBOgVR06FsZdNSS9Vy9nYPlYddzJQI7ZaZ8r-k0eOV5KWMjm_gGPyvFieUoV8B_KkVXU0sGI_6Zw8qnHtNR_A4kwKg6ukk85rl00cJ_hLbtesr4EHUvzKC_QdfwtLmAQXfCbuhgGeU64W7fjnENXuX2_It_N_kH3_7xmGovT1ldo924sL__hjOSor5LT4qdgfSSFdOkRuaA9NjCPTNaCQ5vZYKT-JyxgP0SUiCdYTrtrlY4Q1VlfDPa28DUZYqfIy00IZOXD-mVKBreIaPn4uzDjym9dRHqMWy_ll1VcRcRzGRGXobk3TKZ-cxFEkJKwH8hOf-Wc92e0RGiMsGI8rqddzbuYo2_91tITMqlaCXTgRjHEBT4s0&sai=AMfl-YTGvh2FiF9VN3sDrlMfSzarD01sOWbjCNq4fk1xmih9CPYu5QA0_HBj0JdIJRiPFGTA_5N-d2yiKt7IC7hJ_5sQckGCUHyP7TNjlhfcoN_hmqNEZu9BI-mkgu__jbgMRa-zHahu4T2FHDCgIVtOXxywVTOCjUDWq3kTWZ9S6AEG8jPoAZtGPLj_A7M7HcPZJkprzTdxVQxFGEkpHqit_bDhLfqx8OQqd4iB1i1svh56N3AZK-s3boSGcFSk_QbeLcoF&sig=Cg0ArKJSzNs5k0UCDJEKEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=324&vt=11&dtpt=322&dett=2&cstd=0&cisv=r20230920.62922&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 02:59:29 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4996 70 B
264 B 119ms
118ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 4996
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/f7df8091-559d-416d-9211-cfe9cbc4cf26-tuctc0a7d0c?gdpr=1&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A

0
98 B

730ms
730ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:30 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47655

Redirect headers

date: Mon, 25 Sep 2023 02:59:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-gOxkSTlE2oSOh28O4aUOgblPil6GaYaIMsmzOg--~A
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 4996 43 B
145 B 109ms
108ms Image
image/gif 3.76.65.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.65.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-65-13.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0B2C 0
133 B 171ms
167ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cdv9WkPcQZYicKpKtxdwP8tO0YMme0rFc1Z2R93DAjbcBEAEgAGD1tcqB4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCYTFGH3HfsT6oAwHIAwKqBLcCT9C7Vxm4sfW7KyKwLaxZjuIHBRwjLDfGCuhXOYS5mI-FMafEd68_eKw4cSRRX0nBjg3DMeyM1PazZdm_dp6YUHG5bNZLTCzWYuzkABe35rJ0bTJ706AGaSBOnlWGCX23iqbI2hS7xkGGcINeE3y_81X8twEHFx6CaQQJncq47TRDPiGxFHUOzfoyBVgcvlBQeQ2MemhpkFGgj-zQv-_vKd8DWFE5LKmK_UMnFKAmLSNYKJJbs8fPjmQqVhmw34a1a577hk-vRk9HpogXvNEAhHtFZLYSZKhTliu0iIJyZU4C1urWrAT6scABiAx1JsQehfFlB3IPwfceww8rPXDDerhkAYnGi0ByPkoLB9yz9SygXCsHWoWcwFTk37Wb7N5yF4d0tI8ZOqV7hdlkg4WwOqJ83AYLZmqABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=bI_9E1xIjyY&uach_m=[UACH]&cid=CAQSOwDICaaN-zbwg2P79X7KrWrKPzAKIHrrw7ewpEa8qq0rNxe6YZeYLHZlyq2DTJOEELJgovfqQBXKZjYjGAE&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695603568&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695610764837&bpp=850&bdt=1987&idt=3718&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&correlator=6780929860551&frm=23&ife=1&pv=2&ga_vid=812447560.1695610762&ga_sid=1695610769&ga_hid=1681393684&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3546&biw=1600&bih=1200&isw=336&ish=280&ifk=1501350408&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922&oid=2&pvsid=2604262855037237&tmod=1999437054&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o9ikezhqzl8i&btvi=1&fsb=1&dtd=3732
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Sep 2023 02:59:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 0B2C 0
126 B 1818ms
411ms Image
text/plain 178.250.7.12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6qtEYbWC9ACmAKdg2ICAgAAACE5AQwCW-6IxF7uSiCbaOUQkPcQZccuBYjAODI7NxAAABIAAAoKQVFVRER3RUJEdw&wp=ZRD3kAAKjggFkVaSAA0p8nRnV2pODclRJ9V21w&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:30 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 151934
server: Kestrel
content-length: 0

GET
H/1.1 200
OK index.html Show response
crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/ Frame C52E 11 KB
3 KB 5829ms
4739ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQiO78OoBhCz46Dhvq6Y_2MYk6eg7dD4hKwhIPLsxgoo_VwwuVw4AkCIt6PeAUi5tIoBUABaA1VTRGIBBfBSaNgFcFp4tZGzAYABgtkFiAEBkAEBmAEFoAECqQHPjAMcCvfMP7EB5nE9tF3txD-5AQAAAOBRuL4_wQHN43ol2l_dP8kBa5-OxwxU5D_YAQDgAQA.%2Fs%3D4d891d4b1207aca89342aa1e5486b6a57cba6720%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_RQP4gjA8LwZEIi3o94BGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjU0NDZAyURJ96-sNCkF7T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo1NDQ2%2Fbn%3D93314%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F81501%252Fdas-boot%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Das_boot_S4%2526utm_term%253D7437477_18487615_276438055_466148232_728x90_22132338_11901%2526utm_content%253DDas_boot_S4_sept23_DE
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/html5-lib/host/1.4.0/appnexus-html5-lib-host.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: d4d08c9b3330ec71472a23f1e49461a96c0bc74e7e591731f0253d3f8bc88b2b

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 242171
Cache-Control: max-age=3888000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2532
Content-Type: text/html
Date: Mon, 25 Sep 2023 02:59:30 GMT
ETag: W/"fd1527a73d44a43db05527eda5572e83"
Expires: Mon, 06 Nov 2023 07:43:19 GMT
Last-Modified: Fri, 22 Sep 2023 07:34:50 GMT
Server: nginx/1.21.3
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
X-Clv-Request-Id: ddd01144-3276-4b62-ae83-e646f2eff1dd
X-Clv-S3-Version: 2.5
X-Served-By: cache-lga21938-LGA, cache-fra-eddf8230033-FRA
X-Timer: S1695610771.555087,VS0,VE1
x-amz-request-id: ddd01144-3276-4b62-ae83-e646f2eff1dd

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 621C 52 KB
17 KB 1088ms
1087ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11901&pub_id=1800859
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 25 Sep 2023 02:59:29 GMT
ETag: "623de86a-cf34"
Expires: Tue, 26 Sep 2023 02:59:31 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 57FF 0
644 B 132ms
131ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&e=wqT_3QKEBvBMBAMAAAMA1gAFAQiO78OoBhCYoZCS9orXpUQYk6eg7dD4hKwhKjYJria3fgTvwz8R8pfH3t3vwj8ZAAAA4FG4vj8h8pfH3t3vwj8priYJJNgxAAAAQOF6hD8w8uzGCjj9XEC1XkjjA1C6iYq2AVi5tIoBYABotZGzAXiC2QWAAQGKAQNVU0SSBQbwfZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AK3ol7qAm5odHRwczovL3d3dy5iZzMuY28vYS90YWktamktZGlhbi1qaS1qaW4taHVpLWp1YW4temVuZy16aG9uZy1ndW8tZnUteWktbGluZy1qaWUtaAEYIGZhbmcteWktYwVHATTwfWhhbi5odG1sgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD9MDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAszMS4xMC4xNTQuMKgEALIEEAgAEAQY2AUg-gEoATAAOAK4BADABADIBADaBAIIAeAEAfAEuiE1WIgFAZgFAKAFiMy93MiU5bNDwAUAyQUABQEU8D_SBQkJBQvwiwAAANgFAeAFAeoFVQpR5aSp5aSp6KaB6IGe77yM6Ie656mN6Zu75Z-66YeR5pyD5o2Q6LSI5Lit5ZyL6ZmE6Yar44CM6Zu25o6l6Ke46Ziy55ar5o6h5qqi56uZ44CNEgDwBfY4-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAY0VAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB4LZBdIHDRW8ASYM2gcGCAUJ8GvgBwDqBwIIAPAHtfYMighHCkMAAAGKykcCsERLXFdiRBCYmTATTMqe30YXN1yIP5GND-b4NjbQ96Pbd8JSuxgO9N4zJiIIr5B2vLjnRhbX0d14oOhJEAGVCAAAgD-YCAHACADSCAYIABAAGAA.&s=bc917a206774c7e736707724d10165778108610b&bdref=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html,https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:29 GMT
an-x-request-uuid: 954b8325-4698-4973-885b-fb08d6a28f21
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 kCe9S3aj7jfUjwYx99ulknlDr7XLXs4KDWbr4KPVvU0.js Show response
pagead2.googlesyndication.com/bg/ Frame A963 38 KB
15 KB 1225ms
1225ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kCe9S3aj7jfUjwYx99ulknlDr7XLXs4KDWbr4KPVvU0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9027bd4b76a3ee37d48f0631f7dba5927943afb5cb5ece0a0d66ebe0a3d5bd4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 07:20:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416339
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14771
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Sep 2024 07:20:31 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
808 B 1003ms
1003ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1695610769492&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1556&pt=1650706199&tz=120&viewable=true&ddast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Mon, 25 Sep 2023 02:59:30 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1457
x-cache: MISS
x-served-by: cache-fra-eddf8230116-FRA
pragma: no-cache
server: nginx
x-timer: S1695610770.421888,VS0,VE33
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 57FF 0
0 945ms
944ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss95Q-yrW6J0K4uqk_h1Wk8N-ISTgL9ch7k_xi-FsGW_AviBUQuax3HKV3_mU23u3jwitXB1ozhP0bi0j1XyDW8VF13e07C30Uh1crXQNczk4KKDENwPAcLyMVN4EC5yko5M_t6bgzltOOsf4jpxOYPvGvS5ee2EUSopxckei_CeTal6B1ytYxgkMvDzx6fPoQVvB-wytzrNUGZlZglm3pIjEbtv6jhPzRlVrq_rDKCW80Xgxgk1lF8aT4cssj1MkEmyeMwbghDVeZvw9766C59oEXVaH_C07xh0pxSjFDjhPMJU13FznYPxstX1lRt_HYNacI&sai=AMfl-YSlJZRDTOxBThuPBfJsuj_J6L9ycT5TnypVed9u8WEI0PlUoMWGBO3gTWOhTPpKo-Jtm5iTdKxgCYxMGN_YbFG4IEP8wTlTi8gVs45yfc7MkSpMSK_lvg5hyigEdA&sig=Cg0ArKJSzDGRZdhm1gK8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Sep 2023 02:59:30 GMT

GET
DATA 200
OK truncated
/ Frame 57FF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16a92688827260b1677e8e43cddd3f2daf9d15f87ba297c31a8cc9b8815be6fd

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 797ms
796ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39k2&_p=983468293&cid=812447560.1695610762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695610769&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&dt=%E8%87%BA%E7%A9%8D%E9%9B%BB%E5%9F%BA%E9%87%91%E6%9C%83%E6%8D%90%E8%B4%88%E4%B8%AD%E5%9C%8B%E9%99%84%E9%86%AB%E3%80%8C%E9%9B%B6%E6%8E%A5%E8%A7%B8%E9%98%B2%E7%96%AB%E6%8E%A1%E6%AA%A2%E7%AB%99%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 57FF 0
656 B 849ms
849ms Ping
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&e=wqT_3QKrDPQXASsGAAADANYABQEIju_DqAYQs-Og4b6umP9jGJOnoO3Q-ISsISo2Cc-MAxwK98w_EeZxPbRd7cQ_GQAAAOBRuL4_Ic3jeiXaX90_KWufjscMVOQ_MQAAAEDheoQ_MPLsxgo4_VxAuVxIAlCIt6PeAVi5tIoBYABotZGzAXiC2QWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA1ODk3NjkxLCAwKTt1ZignaScsIDc0Mzc0NzcsIDApO3VmKCdnJywgMTg0ODc2MTUsIDApO3VmKCdzJywgMjc2NDM4MDU1LCAwKTt1ZigncicsIDQ2NjE0ODIzMiwBVfCwkgLZBCFSSFVwMkFqQThMd1pFSWkzbzk0QkdBQWd1YlNLQVRBQU9BQkFBRWk1WEZEeTdNWUtXQUJnbXdSb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFVRjdDMWQ0Yi1JX3dRSDgtOW5KRWxUa1A4a0JBQUFBQUFBQThEX1pBZmV2ckRRcEJlMF80QUdsLWNVRDlRRy1lNU1fbUFJQW9BSUJ0UUlBATMIdlFJAQfwTEF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0pHQWdpTVFBUmdDTFpxWm1ULWlBeGNJbjV1b0l4QUNHQUV0BVHwUkRJSFpHVm1ZWFZzZEtJRERnaVJnSUlqRUFzWUFpMmFtWmtfdWdNSlJsSkJNVG8xTkRRMjRBUEpSSUFFMlpqaUM0Z0UyNWppQzVBRUFaZ0VBY0VFBVgFAQhESkIFCAkBGDJBUUE4UVEJDQEBRElnRnhpcVlCYWU0NklNQnFRVQEWIEFBQUR3UDdFRgEKCQEIREJCATccRUF6TV9NX3kFKBxDQXg3bnVQOTIoAABaBSgBAcBQQV80QVdtOEFQd0JiLXk2QWo0QmR2NzV3S0NCZ05EU0VhSUJnU1FCZ0dZQmdDaEJnATUEQUEBOCBxQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MOHVBWUuaApkBIV9SUVA0ZzpdAixMbTBpZ0VnQUNnQU0RNYhQQV9PZ2xHVWtFeE9qVTBORFpBeVVSSjk2LXNOQ2tGN1Q5Ug2AEEFBQUJaAQYJAQRCaAkIAQEEQnABBgkBBEJ4CQgBARBCNEFJazWAuDhEOC7YAgDgAtHwXOoCbmh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1qaS1kaWFuAQioamluLWh1aS1qdWFuLXplbmctemhvbmctZ3VvLWZ1LXlpLWxpbmctamllLQUYDGZhbmcBFgBjBUcBNPCfaGFuLmh0bWyAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIECzMxLjEwLjE1NC4wqAQAsgQPCAAQBBjKByBaKAEwADgCuAQAwAQAyAQA0gQPMTE4MzMjRlJBMTo1NDQ22gQCCAHgBAHwBIi3o94BiAUBmAUAoAX______wEFGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBZqeBPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvmPAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB4LZBdIHDRVlASYI2gcGAV7wdRgA4AcA6gcCCADwB7X2DIoIRwpDAAABispHArBj_mFz7Cgxs5igBGga_TwZwCf6giohkoSuMdH9gj2Pxsg4wvmPC2BNBrINXO2y2L42V7O5jFHlCzGBGRABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARACGAA.&s=b21086479a5f289cca36a8ddc0109718bdc69480&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=728&bh=90&sid=4687215701187926705&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=5606&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:30 GMT
an-x-request-uuid: bf511424-e305-4a84-9d6c-ba6e7d1b5a5a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 emtPwloKEFs4i84njFV1D4cIEhPlVXWHrVbwd%2BhMLeToK9O49L%2FrCQpCNVzlQJqpTRucb1IMkq6uO8GQSbEIxZp5gO5I8PTMmIQwGOX7OqLgkPUEEAKmD5gmb7r6%2BByr3pwA7MsMBvLU%2BvFkZSV%2FWYP2mtWgD818FAeBbMOTyDwHWagYrXedGJ8cZcO... Show response
ad.vidverto.io/delivery/video/pod/ Frame 419D 46 KB
19 KB 1044ms
1043ms XHR
text/xml 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/video/pod/emtPwloKEFs4i84njFV1D4cIEhPlVXWHrVbwd%2BhMLeToK9O49L%2FrCQpCNVzlQJqpTRucb1IMkq6uO8GQSbEIxZp5gO5I8PTMmIQwGOX7OqLgkPUEEAKmD5gmb7r6%2BByr3pwA7MsMBvLU%2BvFkZSV%2FWYP2mtWgD818FAeBbMOTyDwHWagYrXedGJ8cZcOlElCO3qL4POn8N4Tbav4GbENM9Db1BCD1ChAUqmPsTjOvT2dpd%2B6LpeHG2ryqBU4oSS0xmb7FDg8A%2BwR5plUgsFp5bFs77oNxgn4E%2FKPiznWjHn%2BZ2bNBnD0ITCCc6cnhKdpFPRq5vtRZH%2B3Sx1pVR1cmj%2F%2FVuW1qIwW3yrM4SOciAeM7J%2BEFvcB40H%2Fi1B4xBPZvILfe%2BoC5e5FNLx2GsSmK4qhcQ6R5PbnM2Epu05LH2DY9sKXlLVzBgQB5Khth12AOktsKuYb7TNXtW9UcD0T1WfI9skT6cCCeBa%2B%2FdF8qpAsSJlxcfAU%2BvOmkgJZ%2FOS4vSjVpih4w4Q6KuPpqB7FjkxM7eax%2BxXThFJegaUsyCxnZwm7SijNWQ8m%2F%2BOxRcLkYtPXohemDzZmJVpmqth2UWXrGBHJ6T2kip2KQ9FROxiR85kNwmBfquvLL8S3o4ZSPNMzUnQZBaORqqFs4Dq6N%2BFs4DP2lgc3sggBcUA6O2JLsehTMGSHq4CbBeHf5xGtJ88id7Qb%2BY0qiqAFoCtlUw1gUbeROrdrZyOWreak0hfc%2BU%2BVrsvmltdYVqWIPUaMpq3%2FFCW254SEGHvdGVUDN0A%3D%3D?bids=%7B%7D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dc44fea1b7c67742c4accfb2ec7095091d38feb793f65b3372dc987a5c9ddbf8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Mon, 25 Sep 2023 02:59:30 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B5FE 42 B
174 B 444ms
443ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJXclc4gfE3szWIWTHnryKDH4B9m1npHtLYYtcV_ZTljt1LNx9iJlwSRLaOZblokBLeiDHvm_CrSxXFXhv23W9heC2rEOnj-0M3MSPTre8lOiua1WMoGiApIujP4i-f_e49Y2TTCixFw&sai=AMfl-YStr81GWIyJZsYNF-g-UYh3gcBr6cGrlLcvEKt9oQMsJlww2JV0uFuNwZhWyEs2laDhIbUJ-Eu2GhT-YTsId_PJd7wPWxXBvESRg7B0I0D0-e5gOUszA7UZcMQ&sig=Cg0ArKJSzKWLbHovxBpMEAE&cid=CAQSOwDICaaN_Y0ZdvWOdPwKxKsncRiNziMmqC8sbcOMl13jeFgCW9TDcYdAFUFn0yz4Gi4mZjyQhBaZ6VhJGAE&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695610767897&rpt=1441&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 1455ms
586ms Preflight
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.bg3.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 25 Sep 2023 02:59:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 191779
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 531ms
530ms XHR
application/json 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 214621
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
386 B 319ms
319ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 4e11bb135e5bc014d4629904f662e6d7395b70c8c6ded9e30f2b629b4e77b474

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Sep 2023 02:59:30 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 25 Oct 2023 02:59:30 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F62F 52 KB
17 KB 296ms
282ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 25 Sep 2023 02:59:30 GMT
ETag: "623de86a-cf34"
Expires: Tue, 26 Sep 2023 02:59:32 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
X-Akamai-EW-Subworker: 8096267

GET
H2 200 sync Show response
eb2.3lift.com/ Frame A514 37 B
140 B 788ms
334ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 25 Sep 2023 02:59:31 GMT

GET
H2

200

pd Show response
adpushup-d.openx.net/w/1.0/ Frame 42E9
Redirect Chain

https://adpushup-d.openx.net/w/1.0/pd
https://adpushup-d.openx.net/w/1.0/pd?cc=1

653 B
745 B

188ms
187ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 1a3f191ff3e721fd830df598169ecb74ebc767ac2752c837904b670752c1343e

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 412
content-type: text/html
date: Mon, 25 Sep 2023 02:59:31 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 25 Sep 2023 02:59:31 GMT
location: https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 847F 3 KB
2 KB 710ms
263ms Document
text/html 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 784
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 80c002f79dcf0204-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:31 GMT
expires: Mon, 25 Sep 2023 06:59:31 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 60FD 281 B
554 B 116ms
112ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Sep 2023 02:59:30 GMT
ETag: "40011-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 1931 24 KB
8 KB 6165ms
70ms Document
text/html 184.30.20.22

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

f5f3357bbca7cd3c271874306c0948e1c8ae23a53596a12182f96afd8500f113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8490
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:36 GMT
expires: Wed, 27 Sep 2023 02:59:36 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 204 isyn
prebid.a-mo.net/ Frame 3ED2 0
0 286ms
284ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Mon, 25 Sep 2023 02:59:30 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame D089 9 KB
4 KB 844ms
305ms Document
text/html 18.66.147.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 81105
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Sun, 24 Sep 2023 04:27:47 GMT
etag: W/"cba3476b12cba88403393b498cdbcb0a"
last-modified: Wed, 02 Aug 2023 17:35:11 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-id: 21rwAokIIJyOrJsyC8KR0nlPL4R84KXZgenyM3-g8KVS_nWFDYts-g==
x-amz-cf-pop: FRA60-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5: 72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256: 54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5518 3 KB
1 KB 219ms
216ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1695610766685

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d2e2eb927ac5db4fba960e0bdf555d913a527a5090044f29c5cf292581102e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1160
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 3C3E 6 KB
2 KB 294ms
278ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80c002f4be830d57-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:30 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 621C 0
592 B 197ms
197ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11901&pub_id=1800859&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11901&pub_id=1800859

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:30 GMT
an-x-request-uuid: 3f0ad8ac-5f91-4ad2-bc01-bbc87066634e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 57FF 42 B
108 B 227ms
227ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCmrCyYtEOBwX_FtLcHv_Hu-z92ULN44yQBTtLJCGXu21qLRAtjjkf4lvzXnCqMDcAn-KQuCyTdFMXDuiRagiKMtvilbrMkwGhYZVy7sLbjIAsjbdKOdNTnb3dbS7L&sig=Cg0ArKJSzKxhsJ57Lna2EAE&id=lidar2&mcvt=1001&p=1110,436,1204,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20230920&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695610768082&rpt=1471&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 60FD 36 KB
11 KB 558ms
557ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b741f25f1ee134dacc62bd33303d64e99613bdbb783cda2418f396df78d5e28

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Sep 2023 23:57:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75411
Connection: keep-alive
Content-Length: 10516
Expires: Mon, 25 Sep 2023 23:56:21 GMT

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 5518 43 B
443 B 233ms
232ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695610766685
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:30 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x25 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 25 Sep 2023 02:59:29 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 5518
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=7c94d72bddeadabef6f29337a85b1e89&gdpr_consent=&gdpr=1

0
291 B

477ms
477ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=7c94d72bddeadabef6f29337a85b1e89&gdpr_consent=&gdpr=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695610766685

Protocol

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:30 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=7c94d72bddeadabef6f29337a85b1e89&gdpr_consent=&gdpr=1
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1695610770497084-566
Expires: Mon, 25 Sep 2023 02:59:30 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 5518 42 B
678 B 227ms
225ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=ud-tIZkvMRARkLI03-ms2ocVqQC_6szwxLAzP6HmOL4
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695610766685
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 5518 0
0 367ms
364ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695610766685
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 5518
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=56KTO82G-CI38xCl5Av2VJwsdFGys_jDZcj1Z53aBaE

43 B
479 B

410ms
408ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=56KTO82G-CI38xCl5Av2VJwsdFGys_jDZcj1Z53aBaE

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695610766685

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1YXDV2JRJNRG1YVZB4MQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=56KTO82G-CI38xCl5Av2VJwsdFGys_jDZcj1Z53aBaE
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 5518 0
38 B 363ms
361ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695610766685

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5518 70 B
264 B 590ms
588ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695610766685
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 57FF 0
655 B 311ms
310ms Ping
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&e=wqT_3QKrDPQXASsGAAADANYABQEIju_DqAYQs-Og4b6umP9jGJOnoO3Q-ISsISo2Cc-MAxwK98w_EeZxPbRd7cQ_GQAAAOBRuL4_Ic3jeiXaX90_KWufjscMVOQ_MQAAAEDheoQ_MPLsxgo4_VxAuVxIAlCIt6PeAVi5tIoBYABotZGzAXiC2QWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA1ODk3NjkxLCAwKTt1ZignaScsIDc0Mzc0NzcsIDApO3VmKCdnJywgMTg0ODc2MTUsIDApO3VmKCdzJywgMjc2NDM4MDU1LCAwKTt1ZigncicsIDQ2NjE0ODIzMiwBVfCwkgLZBCFSSFVwMkFqQThMd1pFSWkzbzk0QkdBQWd1YlNLQVRBQU9BQkFBRWk1WEZEeTdNWUtXQUJnbXdSb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFVRjdDMWQ0Yi1JX3dRSDgtOW5KRWxUa1A4a0JBQUFBQUFBQThEX1pBZmV2ckRRcEJlMF80QUdsLWNVRDlRRy1lNU1fbUFJQW9BSUJ0UUlBATMIdlFJAQfwTEF3QUlBeUFJQTBBSUEyQUlBNEFJQTZBSUEtQUlBZ0FNQm1BTUJvZ01PQ0pHQWdpTVFBUmdDTFpxWm1ULWlBeGNJbjV1b0l4QUNHQUV0BVHwUkRJSFpHVm1ZWFZzZEtJRERnaVJnSUlqRUFzWUFpMmFtWmtfdWdNSlJsSkJNVG8xTkRRMjRBUEpSSUFFMlpqaUM0Z0UyNWppQzVBRUFaZ0VBY0VFBVgFAQhESkIFCAkBGDJBUUE4UVEJDQEBRElnRnhpcVlCYWU0NklNQnFRVQEWIEFBQUR3UDdFRgEKCQEIREJCATccRUF6TV9NX3kFKBxDQXg3bnVQOTIoAABaBSgBAcBQQV80QVdtOEFQd0JiLXk2QWo0QmR2NzV3S0NCZ05EU0VhSUJnU1FCZ0dZQmdDaEJnATUEQUEBOCBxQVlFc2dZa0MBdA0BAEUdDABHHQwASR0MOHVBWUuaApkBIV9SUVA0ZzpdAixMbTBpZ0VnQUNnQU0RNYhQQV9PZ2xHVWtFeE9qVTBORFpBeVVSSjk2LXNOQ2tGN1Q5Ug2AEEFBQUJaAQYJAQRCaAkIAQEEQnABBgkBBEJ4CQgBARBCNEFJazWAuDhEOC7YAgDgAtHwXOoCbmh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1qaS1kaWFuAQioamluLWh1aS1qdWFuLXplbmctemhvbmctZ3VvLWZ1LXlpLWxpbmctamllLQUYDGZhbmcBFgBjBUcBNPCfaGFuLmh0bWyAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIECzMxLjEwLjE1NC4wqAQAsgQPCAAQBBjKByBaKAEwADgCuAQAwAQAyAQA0gQPMTE4MzMjRlJBMTo1NDQ22gQCCAHgBAHwBIi3o94BiAUBmAUAoAX______wEFGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBZqeBPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvmPAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB4LZBdIHDRVlASYI2gcGAV7wdRgA4AcA6gcCCADwB7X2DIoIRwpDAAABispHArBj_mFz7Cgxs5igBGga_TwZwCf6giohkoSuMdH9gj2Pxsg4wvmPC2BNBrINXO2y2L42V7O5jFHlCzGBGRABlQgAAIA_mAgBwAgA0ggOCIGChIiQoMCAARACGAA.&s=b21086479a5f289cca36a8ddc0109718bdc69480&type=pv&jm=1003&px=436&py=1110&bw=728&bh=90&sf=1&sid=4687215701187926705&vd=ct~0|rr~6&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
an-x-request-uuid: e08f10de-89d4-41e7-9951-001c0a22bb83
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 1489ms
723ms XHR
text/javascript 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-17d52"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 02:59:32 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A963 0
59 B 261ms
261ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B16TMkPcQZdDnJoSg9u8P2dWeyA4AAAAAOAHgBAI&bg=!UVKlUh3NAAbbC4-Z-ws7ADQBe5WfOLIrtjA0wlXMsC3-dgnHs6-gvE2jV2QSlOaEyQfAc22rJC_YUqngEOvWm1jEZT0JAgAAAHZSAAAACGgBB5kC9Vgtpp6_fcVpfcQxWwv6Ocxbb-D28LyLPjHoY-pNOaqOz7uaSbaHiDblyB22pWw0f6PC_Q9sxx-4VR8UPWEcAqzrC4PQzsPMwTN4FSnmXg3cR30cSqnNJvx4mo6AKfhArsMrC3QkSwzZyKGBr5gcNFYiG-8yFzYEMABzSSSU_cYbTcBxBXjk6EwC-5dIW-WSFt0qQhru6yrTV84G8Mqa8TCpyz3yDJAR4LRJyjCOmLK805GjAoFx7PV1AhtUSUbekoe0ICF0VNg75cEijyxY9PF_CZfQNtWHHSRScX3GzkNqNym0PokL7PhMTL3jDS9r02JuWY6RbcdewcjKkHFXba0U9S8oad15-9cb5VCqj6Q26j2O-pxYCkusgbf-Z1RfQ3QktZGrfJruVGea9LiIp7mMMnp07JgzplofiNFaaLbOdmFB6BCgqcki2usuzQcNQcf7bdJXaR7hiKseuYmvudDB4iVG3JAFXTd2v5s0FScP2fWcswrme-5DUB82OljBWwY2EapIbBlduJHppCXMFw3ZoxBh3sU3Kjz_u8WmMOKh0NDDz8aQXf5OPtVs5X076j05MU_u8v340WTmVhwkanJ427HdBOWLa2zreaVl5VFgHYYBi2z9v4aAq5z4R8yiRqdVh5saGZcgZO0lNJ4bfbwcWzzk6zlJA9w_7nGt_Xry_z7knG56zfyJfAUo6TqMTuRbKaQV6GhvCPc7W9517TuuCCB7VXAfR2MEvjsTOTYeXNOPum-eHyHluwcdN_e6iX_pNumw56Q7-E59hYunrLZp_P-hlxltY5JVrtMhH0EhF3aCuLigyNXNdqcJ1O2D6w1ppEjuhhseWwjUbJxPn2_h7ZoG0h3vVAEtEPQZibg-ZqtsG4mNVm-ynU-Yvqqbq2VGLwNJhlmqOJ6-ZhFFRxZjxYosyi15P6dvLblhNw4d56j0P1GPK4LE7YdH8210yUXwiBFCiIHDS2NAtXwZM4K0cwuV1g2Lv5xU_FLYY4VLvCWVTC0

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 3C3E 48 KB
12 KB 250ms
239ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 406517
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 80c002f6ff0c0d57-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pixel;r=464428082;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html;uh=e51ed67dfb8d91dc24b15e2ace0c...
pixel.quantserve.com/ 35 B
210 B 308ms
298ms Image
image/gif 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=464428082;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-994593577-1695610769006;pbc=b8e06e4b-f187-4cc3-a686-a77051ecacbc;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1695610770928;tzo=-120;ogl=;ses=210f65da-a831-4937-a0db-a12fd64dc541;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 /
onetag-sys.com/usync/ 0
287 B 521ms
521ms Image
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A52D 2 KB
1 KB 267ms
266ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZRD3kAAKjggFkVaSAA0p8nRnV2pODclRJ9V21w&u=%7C%2F1QK3loR%2FNxuUZb3k6wjnhAcZt91r1UtohEQ8caa368%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwWFGi6Cf7dYmupCZ2KqtU-p_t_D_dnGKU7IEdER8-2lEDdN-FOLaexjZBcbPylEfe-a_KRRjPCB26pEg8kIrRcPNRWyWrA8OOIEZr7IkoUFHhkj_Cbof-5_5xp3XQQHSpzQed1jVR9WaZJ2kxK7k4zrC6ZhbOM9KSkvsArepaomdFeKvcR6Z4A8wyvSz7TLbLk1HoHH5S8qnKlDdrGqAYI02M3UZV2FHxTMYlAVBfP5rbgoeOwVpvxLSuGVT1TW7ipsMSqddG_KICQVfkgjP2Obt_P5g1Pz3AKUDwBjUG-3ySMT6zxYA7zVJNytT2PjN2UUDBGMG6BZI98IEdfOop6LuyZ_iAWX6oWQGFrb_pSHNc8UpEjXgyzGzkNymKGiW7YtlRZ2XYOmjP1eTjLxagjxL2rJl8F0fBeb5esisXsn6D7DFANpaNXlTW72Bbeuhp6JmaCxNglaYlLg5qPCEQ04rX1Dt26H6p2oeG7gOgECOBJK8xlXgl4VI-dToEweqQKqmYziWGbTblnMmkixDbTQeUpnEmLQx-BulidTFtQMJtk6A47P8rpq&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJWVHkPcQZYicKpKtxdwP8tO0YMme0rFc1Z2R93DAjbcBEAEgAGD1tcqB4ASCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCYTFGH3HfsT6oAwHIAwKqBLoCT9C7Vxm4sfW7KyKwLaxZjuIHBRwjLDfGCuhXOYS5mI-FMafEd68_eKw4cSRRX0nBjg3DMeyM1PazZdm_dp6YUHG5bNZLTCzWYuzkABe35rJ0bTJ706AGaSBOnlWGCX23iqbI2hS7xkGGcINeE3y_81X8twEHFx6CaQQJncq47TRDPiGxFHUOzfoyBVgcvlBQeQ2MemhpkFGgj-zQv-_vKd8DWFE5LKmK_UMnFKAmLSNYKJJbs8fPjmQqVhmw34a1a577hk-vRk9HpogXvNEAhHtFZLYSZKhTliu0iIJyZU4C1urWrAT6scABiAx1JsQehfFlB3IPwfceww8rPXDDerhkAYnGi0ByPkoLB9yz9SygHikmyAUPEGlCD5JBYP6bs4lTvjkTFL35MRFZJXcPJI5kRMyfRoMnyeaABrDgh7_Q1tW3DKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OZ0yQR7bqEDHyKAFKSujBpURVrA%26client%3Dca-pub-4485239425924787%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 02:59:31 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A52D 2 KB
1 KB 267ms
266ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 02:59:31 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A52D 308 B
636 B 368ms
366ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 19 Sep 2024 02:59:31 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A52D 293 B
621 B 368ms
366ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 19 Sep 2024 02:59:31 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame A52D 43 B
348 B 1305ms
706ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jP5n-9qtH6RbxVfjBbWi1Pmnj1Zf8EiogTC54q2OIj0CDcpJXQNtEWPNiYG2FTc_fjAvm3McpcdJjzoOSA1H137sHxK6Vr6rYvxBA3XsgQU22qK7jn3_PuLexfGmVugxm-hBWaplmx0qc01IYusNp9BNi18gZH_BfZjAADJ1OJm4V4Dr9KCYvbC0ulOidaopYihcEof-UQHfViphEBp89rYQpTXU4akl6KiBUZhX_kOcGwD386yZoQxidXOgqqeQueIlIcV-3hAd_YS5uai1E9LvMg-B6XuUC8U1Rdyvh_yCZkqqHlXMqrvYGDlTz-uBDWQWdC3ZopXKdDDHyeUyCTQyorrs8LCilAMr_0t7CCof4AchwLvB3NC3aQmvo8vl9m_PZhp5-twLLhAC132DzdtVxAwRRXRrtam5kX4wfi5PMqEc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1690341
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 31f39323dac144a9bae450f9279f965d_image_ad_336x280.jpeg
static.criteo.net/design/dt/41417/4971382/ Frame A52D 43 KB
43 KB 411ms
410ms Image
image/jpeg 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/41417/4971382/31f39323dac144a9bae450f9279f965d_image_ad_336x280.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

6e464c17a88808c4e00a08cfcac0788714b10c5fdca7f87fd812c430d23ce2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 19 Sep 2023 07:30:27 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65094e13-aaa7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43687
expires: Thu, 19 Sep 2024 02:59:31 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 419D 0
234 B 2033ms
688ms Ping
image/gif 142.250.147.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmyavfgp&c=6780929860551&slotId=3390464930275.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.147.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: rd-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 419D 156 B
232 B 365ms
336ms XHR
text/xml 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1739619092235614&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL8h0yeo4nFzfmEwmvza4Lg%3A1695614365%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=A910D5F6-C441-47DE-AFAA-2EE2AAF21C41&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&dt=1695610771172&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&scor=1622707809130936&ged=ve4_td10_tt2_pd10_la10000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171_ct138

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 419D 156 B
189 B 381ms
352ms XHR
text/xml 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1739619092235614&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL8h0yeo4nFzfmEwmvza4Lg%3A1695614365%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=A910D5F6-C441-47DE-AFAA-2EE2AAF21C41&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&dt=1695610771179&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&scor=1622707809130936&ged=ve4_td10_tt2_pd10_la10000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171_ct152

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adx3.adform.net/adx/ Frame 419D 65 B
656 B 2085ms
1061ms XHR
text/xml 185.84.60.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx3.adform.net/adx/?mid=1743473&t=2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 419D 156 B
263 B 531ms
504ms XHR
text/xml 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1739619092235614&cust_params=mt_fln%3D1.8&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL8h0yeo4nFzfmEwmvza4Lg%3A1695614365%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=A910D5F6-C441-47DE-AFAA-2EE2AAF21C41&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&dt=1695610771184&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&scor=1622707809130936&ged=ve4_td10_tt2_pd10_la10000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171_ct157

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 419D 156 B
190 B 674ms
647ms XHR
text/xml 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1739619092235614&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL8h0yeo4nFzfmEwmvza4Lg%3A1695614365%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=A910D5F6-C441-47DE-AFAA-2EE2AAF21C41&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&dt=1695610771188&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&scor=1622707809130936&ged=ve4_td10_tt2_pd10_la10000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171_ct161

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 419D 156 B
231 B 533ms
507ms XHR
text/xml 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1739619092235614&cust_params=mt_fln%3D1.3&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL8h0yeo4nFzfmEwmvza4Lg%3A1695614365%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=A910D5F6-C441-47DE-AFAA-2EE2AAF21C41&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&dt=1695610771192&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&scor=1622707809130936&ged=ve4_td10_tt2_pd10_la10000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171_ct164

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 419D 156 B
190 B 534ms
508ms XHR
text/xml 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1739619092235614&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL8h0yeo4nFzfmEwmvza4Lg%3A1695614365%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=A910D5F6-C441-47DE-AFAA-2EE2AAF21C41&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&dt=1695610771195&cookie=ID%3D75f53fd7a1ff790d%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MbCbbuwFpwkNhse8b0yqYI0sPCPGw&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&scor=1622707809130936&ged=ve4_td10_tt2_pd10_la10000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171_ct168

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A52D 0
128 B 2089ms
375ms Ping
text/plain 178.250.7.17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=7N_UBSFuWSg7HfRBe6bwZeP5RlozrmHkRecrEjdyzHY11G2xB7K_zt0oXTZTutNjE7yTiT6V0z1F2PYWcul_c3dqwhbSi9xLmtpLSEwUw6QWhkhuMRLurBzfddCgyY1yTep4JniNxdL1typvxgZGNuE5pMG1Ai2ea8Klsvbg1PKMAkYkgymH4zWHH6G6NDYt5G7xKqdS3FHZ7rGHdhwyP8FA1aRG_kZjUSSN1ILCcXC_eruQ-StZxsC26XBa04Ag69smDQ&sds=2&rev=88356&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 25 Sep 2023 02:59:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A52D 2 KB
1 KB 4398ms
4397ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 02:59:31 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A52D 2 KB
1 KB 4461ms
4460ms Image
image/svg+xml 178.250.7.2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Sep 2024 02:59:31 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 946D 2 KB
1 KB 183ms
176ms Document
text/html 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7789aa15b8c51adcf007eaecd2f4811b8097c707cc5398a2848bad5543b8ca70

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80c002f8ca3a24c2-ZRH
content-encoding: br
content-type: text/html
date: Mon, 25 Sep 2023 02:59:31 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EA%2FW20q5dmM1bJ%2F3rjhZ2CtPyWNzeU3c8T0sl7aSjbwFOXsUMSIhlHvVsU8BIiaIld9x6w99ehQUIYpPozaPa6ZmGeR8%2FT%2BkgPOCKyKKoqRZ1%2BXVBXGo37T39TSLsMv0k92pBwYFBAsUXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame AD24 0
326 B 176ms
176ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80c002f8cf740d57-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:31 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame A214 3 KB
1 KB 198ms
198ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

088d95315faf1637cfb9a05377354c29c0c93c977d348d4077e18ba0bc21d304

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1061
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 62E6 0
0 2316ms
630ms Document
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Mon, 25 Sep 2023 02:59:33 GMT
X-Sovrn-Pod: ad_ap6ams1

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 0BB4 4 KB
1 KB 2141ms
298ms Document
text/html 52.18.35.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.35.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-35-108.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 47543d8868ec52fae53ee578f36e3edde0955f6b7943f061796be61c2aa4f830

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 25 Sep 2023 02:59:33 GMT
etag: W/"0b4799ee19f3bdcfff0e724b7c6f42842"
server: nginx
timing-allow-origin: *

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 032E 3 KB
1 KB 392ms
392ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ec2-54-77-73-229.eu-west-1.compute.amazonaws.com

Software

Resource Hash

13a7a3c361b5ed527fea3531e9d6fa3e834b4f0e48dbe92925a1e7085a3913ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1040
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame 9A1B 845 B
947 B 532ms
531ms Document
text/html 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: a9553035df0c21266b227737fff2a786968b8af138052854d05420f46cb272f4

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 845
content-type: text/html
date: Mon, 25 Sep 2023 02:59:31 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 9E85 2 KB
863 B 189ms
189ms Document
text/html 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4206589b54d52092a2abb996008fd5535cd5d6891080e67e6cf2a6bf771141d

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80c002f99b3624c2-ZRH
content-encoding: br
content-type: text/html
date: Mon, 25 Sep 2023 02:59:31 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwHsMw3FV0RfLOkDp0%2BuWpH3QF7Og%2BQWje9m0aNfKFyFEFlaxxrXEGnIRLAZpKR9G4WCs6x9LOkgVf9SEoifiMVDY94Ffo9ygQ%2B7KxH0dNCnNTDksUFogaWMXa1T5svW5D7IJXUa4f6JTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9C1B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

1361ms
1360ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Sep 2023 02:59:32 GMT
ETag: "40011-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 25 Sep 2023 02:59:31 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D6E0 15 KB
6 KB 1169ms
444ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=93858
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 25 Sep 2023 02:59:32 GMT
expires: Tue, 26 Sep 2023 05:03:50 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame 1C48 1 KB
1 KB 2070ms
465ms Document
text/html 18.239.18.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-44.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: 0ea780be351a24c426e82b42a319e7a6c4673b200360f89dfc7d1474c0aa633b

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-encoding: gzip
content-type: text/html
date: Mon, 25 Sep 2023 02:59:33 GMT
server: istio-envoy
vary: Accept-Encoding
via: 1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
x-amz-cf-id: 4zGB1NgH6C5xJ-ZB_gJmuQuo_Q0FMpnU2Hj1y_MVFbLPlDQcZ_KC9Q==
x-amz-cf-pop: AMS58-P6
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 2

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame EB57 0
160 B 2086ms
455ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , Netherlands, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Mon, 25 Sep 2023 02:59:33 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame CFAD 557 B
1011 B 1458ms
465ms Document
text/html 52.204.164.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.204.164.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-164-185.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: adb08d1f033159fd2aacfabbe91910186279c0506e2d383e3a03e3b998a49ae5

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 557
content-type: text/html
date: Mon, 25 Sep 2023 02:59:32 GMT
server: istio-envoy
x-envoy-upstream-service-time: 3

GET
H2

200

sync
ads.servenobid.com/ Frame D089
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=2402692138260763539

0
344 B

2454ms
2453ms

Image
image/avif

52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=2402692138260763539
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
an-x-request-uuid: cb095639-6855-409a-bf32-bcc9674cf7b0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=2402692138260763539
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame D089
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=HYMTtRZHyiPEYDqCSXSgwWub

0
351 B

1205ms
1205ms

Image
image/avif

52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=HYMTtRZHyiPEYDqCSXSgwWub
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:33 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=HYMTtRZHyiPEYDqCSXSgwWub
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame D089 0
277 B 2702ms
428ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Sep 2023 02:59:33 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame D089
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://ad.turn.com/r/cs?pid=45&rndcb=1884165914
https://sync.1rx.io/usersync/turn/4547393657392022718?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-b3b7033b-09c3-4483-b035-c5b...
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003

0
531 B

502ms
502ms

Image
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 80c00307dafd0d57-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

Redirect headers

location: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003
date: Mon, 25 Sep 2023 02:59:33 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb3b7033b09c34483b035c5b3dfc9ab59003
content-type: text/html

GET
H2

200

sync
ads.servenobid.com/ Frame D089
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5142336725412450400

0
344 B

2677ms
2674ms

Image
image/avif

52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5142336725412450400
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5142336725412450400
Date: Mon, 25 Sep 2023 02:59:31 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

sync
ads.servenobid.com/ Frame D089
Redirect Chain

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
https://ads.servenobid.com/sync?pid=332&uid=23f56c3e-d13e-4301-b082-5fd3a3a02fa1

0
356 B

1277ms
1276ms

Image
image/avif

52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=332&uid=23f56c3e-d13e-4301-b082-5fd3a3a02fa1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-117
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.servenobid.com/sync?pid=332&uid=23f56c3e-d13e-4301-b082-5fd3a3a02fa1
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame D089
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

2648ms
2647ms

Image
image/avif

52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Mon, 25 Sep 2023 02:59:30 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame D089
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-nRhhFkFE2uGTVFVp_VtV6xUtP2Q4hqw15joCJik-~A

0
366 B

2524ms
2523ms

Image
image/avif

52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-nRhhFkFE2uGTVFVp_VtV6xUtP2Q4hqw15joCJik-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-nRhhFkFE2uGTVFVp_VtV6xUtP2Q4hqw15joCJik-~A
date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

services
sync.technoratimedia.com/ Frame D089
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://sync.technoratimedia.com/services?srv=cs&source=disqus&uid=ua-6a5d7b32-c3c3-3424-980f-08c533c07c5a&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D34%26buyeruid%3D%5BUSER_ID%5D%26r%3DCid...

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame D089
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-nRhhFkFE2uGTVFVp_VtV6xUtP2Q4hqw15joCJik-~A

0
366 B

2525ms
2524ms

Image
image/avif

52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-nRhhFkFE2uGTVFVp_VtV6xUtP2Q4hqw15joCJik-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-nRhhFkFE2uGTVFVp_VtV6xUtP2Q4hqw15joCJik-~A
date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame D089 0
35 B 1437ms
715ms Image
text/plain 18.197.134.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame D089
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

85ms
76ms

Image
image/avif

52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:35 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 25 Sep 2023 02:59:35 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Mon, 25 Sep 2023 02:59:35 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame D089
Redirect Chain

https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
https://ads.servenobid.com/sync?pid=328&uid=b56acbd1-293c-4175-be1a-49671cbc756f

0
356 B

1123ms
1123ms

Image
image/avif

52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=328&uid=b56acbd1-293c-4175-be1a-49671cbc756f
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=328&uid=b56acbd1-293c-4175-be1a-49671cbc756f
Date: Mon, 25 Sep 2023 02:59:33 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

/ Show response
sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/ Frame EFC4
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F&rd=1
https://pixel.advertising.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-eP5kfbVE2uGBWZpHjJQIndhJcmWY821H~A&gdpr=0

95 B
383 B

76ms
76ms

Document
image/png

157.90.211.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-eP5kfbVE2uGBWZpHjJQIndhJcmWY821H~A&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.211.246 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.211.90.157.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: image/png
date: Mon, 25 Sep 2023 02:59:26 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

Redirect headers

age: 0
content-length: 0
date: Mon, 25 Sep 2023 02:59:34 GMT
location: https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-eP5kfbVE2uGBWZpHjJQIndhJcmWY821H~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.75
strict-transport-security: max-age=31536000

GET
H2

200

RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003 Show response
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 6198
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://ad.turn.com/r/cs?pid=45&rndcb=6832053206
https://sync.1rx.io/usersync/turn/4331220875278238910?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-b3b7033b-09c3-4483-b035-c5b...
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003

0
519 B

603ms
603ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80c003098b440d57-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:34 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html
date: Mon, 25 Sep 2023 02:59:33 GMT
etag: RXb3b7033b09c34483b035c5b3dfc9ab59003
location: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b3b7033b-09c3-4483-b035-c5b3dfc9ab59-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 946D 43 B
855 B 320ms
314ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1YT4384XDK46JGXHCY3N
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 946D 70 B
264 B 254ms
247ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 946D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHB5fSIgGaaWIe-e1rW8WbA&google_cver=1

43 B
737 B

2241ms
2240ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHB5fSIgGaaWIe-e1rW8WbA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BV6lvan3RWDxu8JBFQL4YbhDMFM76KV7PjjBDLin%2Bl9KSSvf70Bd5ZeF%2BmvaiGetMAwXFgxACr3CDCa%2FfrDao6Twz2ql2t09CGix1P%2B7Oi8duSMAW%2B2LiGYq4EwCOXg6o7n6xSkG1QE3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c00302fe4b24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHB5fSIgGaaWIe-e1rW8WbA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 946D 43 B
602 B 298ms
294ms Image
image/gif 54.77.73.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.73.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 946D
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4475336063354094782

43 B
733 B

511ms
510ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4475336063354094782
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1L%2Ft3JoGhWT1s077bYj5BdfObAl%2BTjghTb7Gpe1IIWccvq8JRuWjfHbFTm3B1OZKBwzSVPaVrL1Udh18ssS2BGD9sBRGigtm4tPWYuaJmQpa%2FG9Aq%2B2SU5wLcgjNcwebMSYxBxGLhPaZwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c00305398e24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4475336063354094782
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 946D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZRD3lQAPrNQWvABV
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRD3lQAPrNQWvABV&_test=ZRD3lQAPrNQWvABV

43 B
733 B

73ms
72ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRD3lQAPrNQWvABV&_test=ZRD3lQAPrNQWvABV
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7M9nZC3pvGAbh4tOxm03zlRhdZWE2jnFWSLrtabRxr8FDMr7WS5ZhpVQoao2%2F5l6%2FQmjQp%2B2Z2C8XiF7noqvx9dU2aFgP1tucThfZvNo6yTUogSTaNxiL9ybsGdj8Xx2qFS2g%2BErOaRwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c00305ea6824c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

x-served-by: cache-fra-eddf8230064-FRA
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1695610773.369892,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRD3lQAPrNQWvABV&_test=ZRD3lQAPrNQWvABV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 946D
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292&tc=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=qvB4xjaFtE6Ov6BSLpEa&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292&tc=1

43 B
739 B

81ms
80ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=qvB4xjaFtE6Ov6BSLpEa&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292&tc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UtJCYd7qug%2Fg60A2lRGNL4TFKOMH6zVrPMICk5UWD6whbNIL0fmGKGdmZ2rMutoRO0srDfsTFBw4YiI%2F9MMnpXV1W41dkPnYtMQm5n%2BSF7668XRSz2eS%2Bb%2BP4vEyW%2BxHi%2B9MbiI8Bq1qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c0030d9d9924c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=qvB4xjaFtE6Ov6BSLpEa&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292&tc=1
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:34 GMT, Mon, 25 Sep 2023 02:59:34 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 946D
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1859536638041122564&expiration=1696820382

43 B
739 B

141ms
141ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1859536638041122564&expiration=1696820382
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFGTfuPLL%2BKRaOZT9PfZCG9vvk8qTtaYG9nFyAIZ6SxTqiEkRqIDAWLZgpkKQu%2FjQwHLY4H79Z%2FDJLhiDOmt9FSe7B5V%2FWEhATXeoarpwxQb7nmgB8najL%2Fdnrnt%2BbcoZGq6b9vfgZbptQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c00305aa1a24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1859536638041122564&expiration=1696820382
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 946D 43 B
229 B 234ms
226ms Image
image/gif 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZRD3kMJnEoJxRHhJAdqIKAAA%263292
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 17854
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 80c002fa5fe10204-ZRH
content-length: 43
expires: Tue, 26 Sep 2023 02:59:31 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 42E9
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=G28nyEttL8kAbCPLTjk7nh9rIMEAa3SZHGiuUglD

43 B
171 B

697ms
690ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=G28nyEttL8kAbCPLTjk7nh9rIMEAa3SZHGiuUglD
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 34.98.64.218 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=G28nyEttL8kAbCPLTjk7nh9rIMEAa3SZHGiuUglD
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 42E9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1112457790386557703

43 B
106 B

134ms
127ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1112457790386557703
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Server: 34.98.64.218 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1112457790386557703
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 42E9 43 B
855 B 284ms
283ms Image
image/gif 67.220.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=4f18f53f-c45e-8ef3-9814-a248667727f7

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.232 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0JCPSS58ZJVN2T7ZBJ8W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 42E9 70 B
264 B 497ms
495ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=17ce8942-d8f4-3509-581a-20df0e44ec17&gdpr=0
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 42E9 170 B
188 B 950ms
949ms Image
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2JhMTVhODgtMTE4My02YmFkLTRkZmEtN2E2NmM0YTYyMjc3

Requested by

Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 42E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDgMB_I9FP8B-VjEnVKZGJ0&google_cver=1

43 B
61 B

3193ms
3193ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDgMB_I9FP8B-VjEnVKZGJ0&google_cver=1
Requested by: Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol: H3
Server: 34.98.64.218 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://adpushup-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDgMB_I9FP8B-VjEnVKZGJ0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1487d990-9035-520c-b5a7-bd0dd0b74a82 Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 90D4
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://csync.smilewanted.com/set_partner_userid_get/betweenx/1487d990-9035-520c-b5a7-bd0dd0b74a82

0
424 B

710ms
709ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/1487d990-9035-520c-b5a7-bd0dd0b74a82
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80c002fee8740d57-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:32 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/1487d990-9035-520c-b5a7-bd0dd0b74a82

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame A214 43 B
443 B 423ms
423ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:31 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x34 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 25 Sep 2023 02:59:30 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A214 70 B
264 B 534ms
532ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame A214 42 B
678 B 535ms
533ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=56KTO82G-CI38xCl5Av2VJwsdFGys_jDZcj1Z53aBaE
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 400 711916.gif
id.rlcdn.com/ Frame A214 0
0 555ms
554ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 56KTO82G-CI38xCl5Av2VJwsdFGys_jDZcj1Z53aBaE&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame A214 0
406 B 533ms
532ms Image
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.smilewanted.com/set_partner_userid_get/onetag/56KTO82G-CI38xCl5Av2VJwsdFGys_jDZcj1Z53aBaE&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:31 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
cf-ray: 80c002fc681a0d57-MXP
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

18331f8f99e3314a4ce5cdb2938c95bc5b8a576bb3067c2cd437fb541470db27 Show response
csync.smilewanted.com/set_partner_userid_get/bizzclick/ Frame F1DD
Redirect Chain

https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
https://csync.smilewanted.com/set_partner_userid_get/bizzclick/18331f8f99e3314a4ce5cdb2938c95bc5b8a576bb3067c2cd437fb541470db27

0
691 B

202ms
201ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/18331f8f99e3314a4ce5cdb2938c95bc5b8a576bb3067c2cd437fb541470db27
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80c003070acd0d57-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:33 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Mon, 25 Sep 2023 02:59:33 GMT
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/bizzclick/18331f8f99e3314a4ce5cdb2938c95bc5b8a576bb3067c2cd437fb541470db27
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 621C 0
591 B 545ms
544ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11901&pub_id=1800859&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11901&pub_id=1800859

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-54-77-73-229.eu-west-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
an-x-request-uuid: aee51c09-c8c5-4a0a-ae42-ced9ccd539f7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9E85
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2402692138260763539

43 B
776 B

1961ms
1960ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2402692138260763539
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjPi%2F9Rdndl1GPH8Z39SwSA5k26vQxM026SmKZ2CG9M78zRxgkurkOBa%2FjisDTm%2F%2BR3sPicFLKqRM7y5wVGzVb1vPlkM5oyuQfU78%2FakZb8R4JoIHyn6RA1EHKq0%2FbaXieofMpTIGKu%2F%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c002ff69e324c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
an-x-request-uuid: f5ba85f0-3f8a-4c37-829a-18601ed07038
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2402692138260763539
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9E85
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADf-k7KIe8AABloTdCZzw&expiration=1696820373

43 B
736 B

613ms
607ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADf-k7KIe8AABloTdCZzw&expiration=1696820373
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1ETidsYhTMQLeTtN7%2FdJoPBNqS%2Bz6WdMESHk8pNpBalrdWL%2B9XphBKhQsa5iVsxLrmpL1CuQT%2Ff3KvmPOT8JL0Oum%2F9H5yhzjZj5H3pfdWCRCxPvbz6u8JJQP6KSUkuUmc144yyluLS5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c0030c1b0724c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADf-k7KIe8AABloTdCZzw&expiration=1696820373
Date: Mon, 25 Sep 2023 02:59:33 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9E85
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/casale/ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB

43 B
602 B

443ms
440ms

Image
image/gif

54.77.73.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

Server

54.77.73.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB
date: Mon, 25 Sep 2023 02:59:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 9E85 43 B
652 B 528ms
523ms Image
image/gif 193.108.153.5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.5 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:32 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1695610771538092-516
Expires: Mon, 25 Sep 2023 02:59:32 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9E85 70 B
264 B 527ms
522ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9E85
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
737 B

663ms
663ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H3
Server: 104.18.27.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulX8bOUgHXhYl4Phr4buyaQ6nMZswTRDlba0lDyFmaVposMJ%2Fc6rd5Q7qsq41%2BPRyLmhoTZ3bM%2FzONVahAA%2BtBUHdr1lFcTz0UypZjz8WYmApGajL9xen%2FovC%2FJkZaLLuiifT3iyPr%2Fgbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80c0030ccc5124c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Mon, 25 Sep 2023 02:59:33 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET /
csync.loopme.me/ Frame 9E85 0
0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 9E85
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZRD3kMJnEoJxRHhJAdqIKAAA%263292?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRD3kMJnEoJxRHhJAdqIKAAA%263292

42 B
942 B

550ms
550ms

Image
image/gif

54.229.208.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRD3kMJnEoJxRHhJAdqIKAAA%263292

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

HTTP/1.1

Server

54.229.208.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-208-26.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0b10595a9.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lx2YmxEmTa8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-077f06c9c.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: pAY402RCQSw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRD3kMJnEoJxRHhJAdqIKAAA%263292
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 sync
ads.servenobid.com/ Frame 9E85 0
357 B 529ms
526ms Image
image/avif 52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZRD3kMJnEoJxRHhJAdqIKAAADNwAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 cookie Show response
cm.adform.net/ Frame F35C 43 B
106 B 2264ms
978ms Document
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Mon, 25 Sep 2023 02:59:33 GMT
server: nginx

POST
H2 204 csi
csi.gstatic.com/ Frame 419D 0
54 B 1605ms
690ms Ping
image/gif 142.250.147.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmyavgeg&c=6780929860551&slotId=3390464930275.5&ghmsh_eids=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&vast_v=4.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.147.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: rd-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 419D 42 B
175 B 1733ms
596ms Fetch
image/gif 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame 419D 0
54 B 1586ms
689ms Ping
image/gif 142.250.147.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lmyavgqf&c=6780929860551&slotId=3390464930275.5&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.147.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: rd-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 419D 42 B
174 B 1720ms
597ms Fetch
image/gif 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2

200

9c68341e9e990e5911371bbc8a77a6 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 255A
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/9c68341e9e990e5911371bbc8a77a6?gdpr_consent=&gdpr=0

0
458 B

370ms
369ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/9c68341e9e990e5911371bbc8a77a6?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80c00304da320d57-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:33 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 25 Sep 2023 02:59:32 GMT
Expires: Mon, 25 Sep 2023 02:59:32 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/9c68341e9e990e5911371bbc8a77a6?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1695610772175034-520

GET
H2 204 v1
match.sharethrough.com/universal/ Frame CA50 0
0 1129ms
716ms Document
text/plain 18.197.134.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5FE 0
59 B 714ms
713ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6759040567752&version=m202309120101&ct=76&x=1&cor=16888647861291741000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://9abecd16a5f4c5d3712efc9225627d20.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

13286729b3c841216d3917a33841b1986a6d522a295235b8e39d6f50a1170714 Show response
csync.smilewanted.com/set_partner_userid_get/smartyads/ Frame D504
Redirect Chain

https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
https://csync.smilewanted.com/set_partner_userid_get/smartyads/13286729b3c841216d3917a33841b1986a6d522a295235b8e39d6f50a1170714

0
489 B

539ms
538ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smartyads/13286729b3c841216d3917a33841b1986a6d522a295235b8e39d6f50a1170714
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 80c003098b450d57-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:34 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Mon, 25 Sep 2023 02:59:33 GMT
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/smartyads/13286729b3c841216d3917a33841b1986a6d522a295235b8e39d6f50a1170714
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 419D 42 B
174 B 1578ms
597ms Fetch
image/gif 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 419D 42 B
174 B 1578ms
598ms Fetch
image/gif 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 419D 42 B
174 B 1577ms
598ms Fetch
image/gif 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 032E 42 B
678 B 617ms
616ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=56KTO82G-CI38xCl5Av2VJwsdFGys_jDZcj1Z53aBaE
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 400 711916.gif
id.rlcdn.com/ Frame 032E 0
0 621ms
620ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 032E 43 B
443 B 644ms
501ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x35 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:32 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x35 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Mon, 25 Sep 2023 02:59:31 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 032E 70 B
264 B 629ms
628ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
ads.servenobid.com/ Frame 032E 0
365 B 2490ms
2489ms Image
image/avif 52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=318&uid=56KTO82G-CI38xCl5Av2VJwsdFGys_jDZcj1Z53aBaE
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame F62F 0
593 B 566ms
566ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
an-x-request-uuid: 8888d709-da85-47bd-8c6e-f935f12c5666
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 9A1B 0
344 B 2524ms
2523ms Image
image/avif 52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=7440678421575996197&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

/
rtb-csync.smartadserver.com/redir/ Frame 9A1B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZRD3lQAPrHgWAQBV&gdpr=0&gdpr_consent=&_test=ZRD3lQAPrHgWAQBV

43 B
333 B

127ms
126ms

Image
image/gif

185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZRD3lQAPrHgWAQBV&gdpr=0&gdpr_consent=&_test=ZRD3lQAPrHgWAQBV
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:32 GMT
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by: cache-fra-eddf8230064-FRA
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1695610773.369908,VS0,VE0
x-cache: HIT
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZRD3lQAPrHgWAQBV&gdpr=0&gdpr_consent=&_test=ZRD3lQAPrHgWAQBV
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content /
b1sync.zemanta.com/usersync/smart/ Frame 9A1B 0
64 B 1999ms
386ms Image
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:33 GMT

GET
H/1.1 200 9.gif
id5-sync.com/i/102/ Frame 9A1B 43 B
1 KB 1418ms
446ms Image
image/gif 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , United States, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 25 Sep 2023 02:59:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

204

v1
match.sharethrough.com/sync/ Frame 9A1B
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7440678421575996197&gdpr=0&gdpr_consent=

0
34 B

853ms
853ms

Image
text/plain

18.197.134.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7440678421575996197&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Server: 18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:32 GMT

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=7440678421575996197&gdpr=0&gdpr_consent=
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:31 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 419D 42 B
174 B 1420ms
599ms Fetch
image/gif 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
794 B 702ms
688ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1695610772492&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1556&pt=1650706199&tz=120&viewable=true&ddast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
content-encoding: gzip
server: nginx
machineid: 1469
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D6E0 5 KB
6 KB 3409ms
118ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=96212012&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: b3b19390e8c95a03c4a21acba35566c5ce9743073f5c95b21fb6e3cea9db87d6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

cs
cs.yellowblue.io/ Frame CFAD
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
https://cs.yellowblue.io/cs?aid=11601&id=6e2735dae60a74e1aeae326bd91328&gdpr_consent=&gdpr=0

0
330 B

911ms
669ms

Image
application/javascript

52.208.171.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11601&id=6e2735dae60a74e1aeae326bd91328&gdpr_consent=&gdpr=0
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 52.208.171.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-171-144.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:33 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cs.yellowblue.io/cs?aid=11601&id=6e2735dae60a74e1aeae326bd91328&gdpr_consent=&gdpr=0
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1695610773139038-508
Expires: Mon, 25 Sep 2023 02:59:33 GMT

GET
H2

200

pubmatic
um.simpli.fi/ Frame CFAD
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBOYzNerjDlD9g39KJ47Lzs&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

43 B
612 B

419ms
83ms

Image
image/gif

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D

Protocol

Server

35.204.74.118 , Ascension Island, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 24 Sep 2023 02:59:35 GMT

Redirect headers

location: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date: Mon, 25 Sep 2023 02:59:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 207
content-type: text/html; charset=utf-8

GET
H2 204 v1
match.sharethrough.com/universal/ Frame CFAD 0
34 B 496ms
495ms Image
text/plain 18.197.134.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.134.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-134-14.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame CFAD 0
340 B 1588ms
1586ms Image
image/avif 52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=352&uid=ItbdQ-j-Cp_s
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame F62F 0
592 B 450ms
450ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
an-x-request-uuid: 5455fc8b-5031-4a25-9934-a29c511d07bd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.10.154.0; 31.10.154.0; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9C1B 36 KB
11 KB 3329ms
3328ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b741f25f1ee134dacc62bd33303d64e99613bdbb783cda2418f396df78d5e28

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:33 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Sep 2023 23:57:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75408
Connection: keep-alive
Content-Length: 10516
Expires: Mon, 25 Sep 2023 23:56:21 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 419D 42 B
174 B 319ms
319ms Fetch
image/gif 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Ammerzoden, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 bridge3.591.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame E0CB 723 KB
232 KB 114ms
113ms Document
text/html 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80b9b7bcb98fcb97f7c595b97e92a34db3cc45f07ba183e0711c7c06b8082d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 272619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236868
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 23:15:54 GMT
expires: Fri, 20 Sep 2024 23:15:54 GMT
last-modified: Thu, 21 Sep 2023 23:07:47 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BAFF 40 KB
14 KB 129ms
128ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 25 Sep 2023 03:28:46 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/ 12 KB
0 137ms
137ms Media
video/mp4 212.8.250.227
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.227 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-227.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 25 Sep 2023 02:59:33 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-17211103/17211104
Connection: keep-alive
Content-Length: 17211104

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 1C48
Redirect Chain

https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4170617855687717620217

0
486 B

885ms
884ms

Image
application/javascript

18.239.18.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4170617855687717620217
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.239.18.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-44.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:34 GMT
via: 1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS58-P6
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: Rr_k9CLGPgxcSLPt3EcxjxwsbDvp-cvxx9e-A8DPfNAGg1v-qHeifg==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4170617855687717620217
date: Mon, 25 Sep 2023 02:59:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 1C48
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292

0
486 B

409ms
409ms

Image
application/javascript

18.239.18.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.239.18.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-44.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
via: 1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS58-P6
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: BNxd_cxz9z5qr900fS7GN0yQz0PYvVAEJYKM0qcjLEPiwsCJ3QasvQ==

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MScfMtVO4K5%2Fsh%2F08Tzw8%2BuCbLwI80LSS9JE56j%2BLlP4yuI%2B2PrP1OKhORXiMGDPywXIVQ2nNo7EFAQp6li%2B8%2FRlMT7gfhteILa5Bs1v08Tn%2BpuMQBSzBoc4Fk%2BaIMtuleHhhHb3YqH7Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZRD3kMJnEoJxRHhJAdqIKAAA%263292
cache-control: no-cache
cf-ray: 80c003060a8e24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 1C48 0
277 B 1393ms
882ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Sep 2023 02:59:34 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 1C48
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0

0
534 B

461ms
460ms

Image
application/javascript

18.239.18.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.239.18.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-44.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
via: 1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS58-P6
x-reason: missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: Jr_UZ6Kcl1pVCbPPoWxW03gu7ASSSGpmYUGw8xB_lRPqrY9k2QEL5A==

Redirect headers

location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date: Mon, 25 Sep 2023 02:59:33 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 1C48
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=8e976b46-a766-0a5d-2082-39284e4766f2

0
486 B

460ms
459ms

Image
application/javascript

18.239.18.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=8e976b46-a766-0a5d-2082-39284e4766f2
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.239.18.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-44.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
via: 1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS58-P6
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: ng7anJUsbn2A6wronuszSOYrUQag7N5XRUznrAZ5LzwxqzYQOCBeVw==

Redirect headers

date: Mon, 25 Sep 2023 02:59:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=8e976b46-a766-0a5d-2082-39284e4766f2
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cs
cs-rtb.minutemedia-prebid.com/ Frame 1C48
Redirect Chain

https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=fb478d3faef3420272743e96d0e11a7f

0
485 B

160ms
159ms

Image
application/javascript

18.239.18.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=fb478d3faef3420272743e96d0e11a7f
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 18.239.18.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-44.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:34 GMT
via: 1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: AMS58-P6
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-rtb.minutemedia-prebid.com/
x-cache: Miss from cloudfront
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0
x-amz-cf-id: Qj6tIOfpNn2eeM73u9bc_WKUCEyb1seTsds5PhcOgIiJu2zxn7OJjQ==

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:34 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=fb478d3faef3420272743e96d0e11a7f
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 0
expires: 0

GET

pubmatic
um.simpli.fi/ Frame 1C48
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBOYzNerjDlD9g39KJ47Lzs&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 1C48 0
341 B 980ms
979ms Image
image/avif 52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=348&uid=O_sKQz0zCp_mm
Requested by: Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-rtb.minutemedia-prebid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET 480_650.mp4
cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/ 0
0

GET

usersync
usersync.gumgum.com/ Frame 0BB4
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=2402692138260763539

0
0

GET

sync
dsp.nrich.ai/bidswitch/ Frame 0BB4
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_8131dfe4-8060-4938-8e59-0e151c51c90e&gdpr=0&gdpr_consent=&us_privacy=1---
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

0
0

GET

usersync
usersync.gumgum.com/ Frame 0BB4
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28nBImKQrAaq93S8fSitS0aVs-mm6AJCbG9x3pkT901mOHD1BGmLRoz4mBflPcqBjT%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...

0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0BB4
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=e0f32d32-f0e1-0d5f-3f61-3032c614ed51

35 B
250 B

86ms
84ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=e0f32d32-f0e1-0d5f-3f61-3032c614ed51
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:35 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 25 Sep 2023 02:59:33 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=e0f32d32-f0e1-0d5f-3f61-3032c614ed51
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET

usersync
usersync.gumgum.com/ Frame 0BB4
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-2745d345-dfff-5e2c-497f-640f7055226f$ip$31.10.154.0

0
0

GET

usersync
usersync.gumgum.com/ Frame 0BB4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-GbL0NslE2pdyoKoWIQ5SkTOqyxJfF8s1Z6fS~A

0
0

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 0BB4 0
0

GET 142
match.deepintent.com/usersync/ Frame 0BB4 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0BB4
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_8131dfe4-8060-4938-8e59-0e151c51c90e&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=Tfup69UWsbAyxebn7ZN6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2VDGOVYDMOKVK5ZWEQLZPBSWE3RXLJHDM...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Tfup69UWsbAyxebn7ZN6&us_privacy=1---

35 B
250 B

272ms
86ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Tfup69UWsbAyxebn7ZN6&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:35 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 25 Sep 2023 02:59:34 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Tfup69UWsbAyxebn7ZN6&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET

usersync
usersync.gumgum.com/ Frame 0BB4
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=2c993dfc-77af-4b4e-8473-598f4cea5b98

0
0

GET rtset
bh.contextweb.com/bh/ Frame 0BB4 0
0

GET

usersync
usersync.gumgum.com/ Frame 0BB4
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=7440678421575996197

0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 0BB4 0
357 B 916ms
911ms Image
image/avif 52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_8131dfe4-8060-4938-8e59-0e151c51c90e
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:33 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 9F9A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]
https://rtb.gumgum.com/usersync?b=adf&i=1859536638041122564&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D

35 B
208 B

446ms
435ms

Document
image/gif

52.18.35.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=1859536638041122564&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.35.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-35-108.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Mon, 25 Sep 2023 02:59:34 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Mon, 25 Sep 2023 02:59:33 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=1859536638041122564&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET

usersync
usersync.gumgum.com/ Frame E156
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=ZRD3lQAPrNQWvABV&gdpr=0&gdpr_consent=

0
0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 4B31 170 B
188 B 1198ms
1187ms Document
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84MTMxZGZlNC04MDYwLTQ5MzgtOGU1OS0wZTE1MWM1MWM5MGU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:59:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3BF8 15 KB
6 KB 267ms
265ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=93857
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Mon, 25 Sep 2023 02:59:33 GMT
expires: Tue, 26 Sep 2023 05:03:50 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 6FEF 70 B
264 B 565ms
564ms Document
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 25 Sep 2023 02:59:33 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 862C
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZRD3lsCo5swAAFKbqPwAAAAA

35 B
250 B

104ms
103ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZRD3lsCo5swAAFKbqPwAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 25 Sep 2023 02:59:36 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 25 Sep 2023 02:59:36 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZRD3lsCo5swAAFKbqPwAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 347
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad88.dc4p.scaleout.jp
X-SO-IP: 31.10.154.0
X-SO-Key: ZRD3lsCo5swAAFKbqPwAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"31.10.154.0","key":"ZRD3lsCo5swAAFKbqPwAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad88"}
X-SO-LB-Hostname: a-tgng40008.dc2p.scaleout.jp
X-SO-Upstream-ID: m-ad88

GET gumgum
cs.admanmedia.com/sync/ Frame BFA4 0
0

GET

usersync
usersync.gumgum.com/ Frame C94D
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=uV9seuszjORJRcEc953s&pi=gumgum&tc=1

0
0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C529
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

882ms
61ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Sep 2023 02:59:34 GMT
ETag: "40011-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 25 Sep 2023 02:59:33 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
253 B 544ms
543ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=-48&tvi50=12238&route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 62
date: Mon, 25 Sep 2023 02:59:34 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 59631
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230116-FRA
pragma: no-cache
server: nginx
x-timer: S1695610775.548449,VS0,VE62
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C529 36 KB
11 KB 59ms
59ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7b741f25f1ee134dacc62bd33303d64e99613bdbb783cda2418f396df78d5e28

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:34 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Sep 2023 23:57:13 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75407
Connection: keep-alive
Content-Length: 10516
Expires: Mon, 25 Sep 2023 23:56:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 64ms
63ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39k2&_p=983468293&cid=812447560.1695610762&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1695610769&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&dt=%E8%87%BA%E7%A9%8D%E9%9B%BB%E5%9F%BA%E9%87%91%E6%9C%83%E6%8D%90%E8%B4%88%E4%B8%AD%E5%9C%8B%E9%99%84%E9%86%AB%E3%80%8C%E9%9B%B6%E6%8E%A5%E8%A7%B8%E9%98%B2%E7%96%AB%E6%8E%A1%E6%AA%A2%E7%AB%99%E3%80%8D%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame C529 7 B
765 B 58ms
57ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LMYAVC9L-W-8BLJ
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E0CB 156 B
190 B 381ms
380ms XHR
text/xml 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3949759425947041&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL8h0yeo4nFzfmEwmvza4Lg%3A1695614365%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=A910D5F6-C441-47DE-AFAA-2EE2AAF21C41&nel=0&eid=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html&dt=1695610774841&cookie=ID%3D75f53fd7a1ff790d-2204acea1ce400bd%3AT%3D1695610764%3ART%3D1695610769%3AS%3DALNI_Mam-gnerVEK17ZcN4WvhrWF01g8YQ&gpic=UID%3D00000c83515ffee2%3AT%3D1695610764%3ART%3D1695610764%3AS%3DALNI_MYkpzFm6F7nNeIGVIb5xi8v_qf83w&scor=2165334815497209&ged=ve4_td14_tt6_pd14_la14000_er698.400.699.800_vi0.0.1200.1600_vp100_ts0_eb24171_ct10

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

usersync
usersync.gumgum.com/ Frame C529
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMYAVC9L-W-8BLJ
https://usersync.gumgum.com/usersync?b=mag&i=LMYAVC9L-W-8BLJ

0
0

POST
H2 204 csi
csi.gstatic.com/ Frame E0CB 0
54 B 81ms
76ms Ping
image/gif 142.250.147.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmyavj7p&c=6780929860551&slotId=3390464930275.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.147.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: rd-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK appnexus-html5-lib.min.js Show response
acdn.adnxs.com/html5-lib/1.3.0/ Frame C52E 9 KB
3 KB 79ms
77ms Script
application/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/html5-lib/1.3.0/appnexus-html5-lib.min.js
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQiO78OoBhCz46Dhvq6Y_2MYk6eg7dD4hKwhIPLsxgoo_VwwuVw4AkCIt6PeAUi5tIoBUABaA1VTRGIBBfBSaNgFcFp4tZGzAYABgtkFiAEBkAEBmAEFoAECqQHPjAMcCvfMP7EB5nE9tF3txD-5AQAAAOBRuL4_wQHN43ol2l_dP8kBa5-OxwxU5D_YAQDgAQA.%2Fs%3D4d891d4b1207aca89342aa1e5486b6a57cba6720%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_RQP4gjA8LwZEIi3o94BGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjU0NDZAyURJ96-sNCkF7T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo1NDQ2%2Fbn%3D93314%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F81501%252Fdas-boot%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Das_boot_S4%2526utm_term%253D7437477_18487615_276438055_466148232_728x90_22132338_11901%2526utm_content%253DDas_boot_S4_sept23_DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a41628988ddb24e6304b002e534b034e517d24b8d6a2465a8eeaf44a8973d070

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 02:59:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 May 2016 15:39:23 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Akamai-EW-Subworker: 8096267
ETag: "574db02b-2499"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 2930
Expires: Tue, 26 Sep 2023 02:59:37 GMT

GET
H/1.1 200
OK ab19c51ca30a58806acff13167fbccf2.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/ Frame C52E 4 KB
4 KB 62ms
60ms Image
image/webp 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/ab19c51ca30a58806acff13167fbccf2.webp
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQiO78OoBhCz46Dhvq6Y_2MYk6eg7dD4hKwhIPLsxgoo_VwwuVw4AkCIt6PeAUi5tIoBUABaA1VTRGIBBfBSaNgFcFp4tZGzAYABgtkFiAEBkAEBmAEFoAECqQHPjAMcCvfMP7EB5nE9tF3txD-5AQAAAOBRuL4_wQHN43ol2l_dP8kBa5-OxwxU5D_YAQDgAQA.%2Fs%3D4d891d4b1207aca89342aa1e5486b6a57cba6720%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_RQP4gjA8LwZEIi3o94BGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjU0NDZAyURJ96-sNCkF7T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo1NDQ2%2Fbn%3D93314%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F81501%252Fdas-boot%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Das_boot_S4%2526utm_term%253D7437477_18487615_276438055_466148232_728x90_22132338_11901%2526utm_content%253DDas_boot_S4_sept23_DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 7227f871723e5c4354b2767befb2b95adf43d8f58789c95a893b848fdcde6ed3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQiO78OoBhCz46Dhvq6Y_2MYk6eg7dD4hKwhIPLsxgoo_VwwuVw4AkCIt6PeAUi5tIoBUABaA1VTRGIBBfBSaNgFcFp4tZGzAYABgtkFiAEBkAEBmAEFoAECqQHPjAMcCvfMP7EB5nE9tF3txD-5AQAAAOBRuL4_wQHN43ol2l_dP8kBa5-OxwxU5D_YAQDgAQA.%2Fs%3D4d891d4b1207aca89342aa1e5486b6a57cba6720%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_RQP4gjA8LwZEIi3o94BGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjU0NDZAyURJ96-sNCkF7T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo1NDQ2%2Fbn%3D93314%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F81501%252Fdas-boot%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Das_boot_S4%2526utm_term%253D7437477_18487615_276438055_466148232_728x90_22132338_11901%2526utm_content%253DDas_boot_S4_sept23_DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Mon, 06 Nov 2023 07:43:19 GMT
Date: Mon, 25 Sep 2023 02:59:35 GMT
Via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 595b7eb4-be78-4f6c-8d19-f28e3a56fdda
Age: 242176
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3632
X-Served-By: cache-lga21952-LGA, cache-fra-eddf8230033-FRA
Last-Modified: Fri, 22 Sep 2023 07:34:50 GMT
Server: nginx/1.21.3
X-Timer: S1695610775.293801,VS0,VE1
ETag: "31c1a0d9b23f242888f5a7b9d261f877"
Content-Type: image/webp
Access-Control-Allow-Origin: *
X-Clv-Request-Id: 595b7eb4-be78-4f6c-8d19-f28e3a56fdda
Cache-Control: max-age=3888000
Accept-Ranges: bytes
X-Clv-S3-Version: 2.5
X-Cache-Hits: 2, 1

GET 6386c8a4a4ea23ade5d429c207065fa8.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/ Frame C52E 0
0

GET eaa754a4a84cfd60cb2d162f9ba8ee00.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/ Frame C52E 0
0

GET bc983de413cbce53d3abcfbd6866cf7b.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/ Frame C52E 0
0

GET 97e8c4dc5b6d8d67fc228318c72ba4e8.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/ Frame C52E 0
0

GET 7c04f352429972c8f52661c97e6dc0b3.svg
crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/ Frame C52E 0
0

GET c989183f50231d4ce05e4d2b9f75cc67.svg
crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/ Frame C52E 0
0

GET 900eadab5f403207c4aa3ab13542ef8d.webp
crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/ Frame C52E 0
0

GET
H/1.1 200
OK 5024408bc3972d5ceb5eac66eaaa2b81.svg
crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/ Frame C52E 297 B
930 B 155ms
55ms Image
image/svg+xml 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/images/5024408bc3972d5ceb5eac66eaaa2b81.svg
Requested by: Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQiO78OoBhCz46Dhvq6Y_2MYk6eg7dD4hKwhIPLsxgoo_VwwuVw4AkCIt6PeAUi5tIoBUABaA1VTRGIBBfBSaNgFcFp4tZGzAYABgtkFiAEBkAEBmAEFoAECqQHPjAMcCvfMP7EB5nE9tF3txD-5AQAAAOBRuL4_wQHN43ol2l_dP8kBa5-OxwxU5D_YAQDgAQA.%2Fs%3D4d891d4b1207aca89342aa1e5486b6a57cba6720%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_RQP4gjA8LwZEIi3o94BGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjU0NDZAyURJ96-sNCkF7T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo1NDQ2%2Fbn%3D93314%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F81501%252Fdas-boot%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Das_boot_S4%2526utm_term%253D7437477_18487615_276438055_466148232_728x90_22132338_11901%2526utm_content%253DDas_boot_S4_sept23_DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: b14ee88f088d3b20f017a710e438ac9416463824de0766e8cb01c5f41483fdd1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/9/22/50372456/index.html?clickTag=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQiO78OoBhCz46Dhvq6Y_2MYk6eg7dD4hKwhIPLsxgoo_VwwuVw4AkCIt6PeAUi5tIoBUABaA1VTRGIBBfBSaNgFcFp4tZGzAYABgtkFiAEBkAEBmAEFoAECqQHPjAMcCvfMP7EB5nE9tF3txD-5AQAAAOBRuL4_wQHN43ol2l_dP8kBa5-OxwxU5D_YAQDgAQA.%2Fs%3D4d891d4b1207aca89342aa1e5486b6a57cba6720%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521_RQP4gjA8LwZEIi3o94BGLm0igEgACgAMQAAAAAAAPA_OglGUkExOjU0NDZAyURJ96-sNCkF7T9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjRlJBMTo1NDQ2%2Fbn%3D93314%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F81501%252Fdas-boot%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_Das_boot_S4%2526utm_term%253D7437477_18487615_276438055_466148232_728x90_22132338_11901%2526utm_content%253DDas_boot_S4_sept23_DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Mon, 06 Nov 2023 08:16:43 GMT
Date: Mon, 25 Sep 2023 02:59:35 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 8327ae9b-16d9-4b28-90ea-91c53182df26
Age: 240172
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 200
X-Served-By: cache-lga21935-LGA, cache-fra-eddf8230128-FRA
Last-Modified: Fri, 22 Sep 2023 07:34:50 GMT
Server: nginx/1.21.3
X-Timer: S1695610776.511167,VS0,VE1
ETag: W/"5024408bc3972d5ceb5eac66eaaa2b81"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Clv-Request-Id: 8327ae9b-16d9-4b28-90ea-91c53182df26
Cache-Control: max-age=3888000
Accept-Ranges: bytes
X-Clv-S3-Version: 2.5
X-Cache-Hits: 3, 1

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/ 1 MB
0 81ms
80ms Media
video/mp4 212.8.250.227
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/L8h0yeo4nFzfmEwmvza4Lg:1695614365/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.227 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-227.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=32768-

Response headers

Date: Mon, 25 Sep 2023 02:59:35 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 32768-17211103/17211104
Connection: keep-alive
Content-Length: 17178336

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 358 KB
123 KB 75ms
75ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0fc6b0311c6ce151569fee1d73bcfeacb5b743650d6d0349aeb35150480a000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125690
x-xss-protection: 0
expires: Mon, 25 Sep 2023 02:59:35 GMT

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
794 B 88ms
87ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=6926735&noaop=3&sortOrderType=0&cb=1695610775494&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1556&pt=1650706199&tz=120&viewable=true&ddast=V80AMCLAZ4JOBHIrEYwRPwSMCPRGIxgi8AAABgYID-AIm5PDbXwrNYKxyDkVs0c-7WwtVs5tYNViPPbLVyTWYTIyDJxcizsdhWa81sOFuLVsbVWuEwDNaixcrmWplMFt9mZAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZuaDodPte9Xvf73SU-z1zj9yv8oofTLXW6RU6H3S11uqVOu1voerqlrofdLX3ZfW7p0W_3uXWuv1vmeiufbrHT7nNLnS630G_3uWUOu8-tfLo1Dqdb6nTY3dKjw24Xmt5mOwAAAAB4AJAW-wjhBxAAIAIAAACABAAAAAAKARX-LQhcAAAAAMAAsHC7qgHgmYPBmv2ml90fAAAeCkAAAAhgkABAQD8sARBjvHcCAAAAAAAAAIDF____f4wB_Mo-GQQD6zU9AB58ADwQKRAtwggAAADAh4ImwJFJOkHFogoAAEG6FYArAAABispG_8JhAAAABMYs0MPi95sddo3f7TIAAAAAAAAAAGb-z_yjEephbk4TlHDkquYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gORu4xytHCPnwjHZLByz5WLmMhlnns1yM7ItlxPvKS61FWgFYRvusyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_ArgcoIkYLJeTyWKyW41Wo81wN5oNFkggBhNE0aLBZDUaTRaT4Wo0Wc2Wi91ugyhatZqNNoPhajaZ7Xar4WC4HI3QhC1Gq8lksxzOlovJYDgajkZDBGO-kc04WC7WqtVy5BYtZiO3crJYrDU2l3Nj8Zg2NstsLXp9TB_DwjcybLxIMIBuL4KLdCJ4mN0O08st8Xk2fotYojlZpBPZZd_cbZyjlWPkXDgmm4VjtlzMXCbjzLNZbka25XLir_lGNuNguVirVsuRW7SYjdzKyWKx1thczo3FY9rYLLO16PUxfQwL38iw8Tdmy9VsMdjNRvvGbLmaLQa72WjfoTN8V5-zUVlWST4-kbd2bjlvToPCZbB4X-rTeVgwFoQlz9HpszyV3Z3R7_f7_X6_3-_3-w1az8FsUPieh79w-liey-Fs9CA2GBSxRHC6SCeil_F0EUskT4t0IlitHLbNajOxORfDyXDkmqx2C4dtMDPsBhPbxmQRS5Smi3SiV_hFD6db6nSLnA67W-p0S512t9D1dEtdD7tb-rL73NKj3-5z61x_t8z1Vj7dYqfd55Y6XW6h3-5zyxx2n1v5dGscTrfU6bC7pUeH3S40vc0W9R8tzGKuGMwVq9FcsEoAAAAAAAAAAJZgmukmAAAAAE4GNdwMF6vlArgIytIFbAIAAAAAAFCsscca4GF2O0wvt8Tn2fitDECCOY_ZZp4RxFqtljUAAAABbAAAAAHcdONNQIskZx-QFSAAAAAAAL-CmEw2w_0DUCHWarV8vlir1RL4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufwfrtb_vA!unf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:35 GMT
content-encoding: gzip
server: nginx
machineid: 1481
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D6E0 5 KB
5 KB 279ms
119ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52827831&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 47078b18baf9995a98aa5210571776743846b0b436aa8aadb156818f95053019

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 25 Sep 2023 02:59:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6243 16 KB
12 KB 73ms
71ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90c1912ae58adaeed25291d89982329c93f493b7862d7b63a470f3cae8553409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12095
x-xss-protection: 0

GET
H2 200 bridge3.591.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 526F 723 KB
232 KB 61ms
60ms Document
text/html 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80b9b7bcb98fcb97f7c595b97e92a34db3cc45f07ba183e0711c7c06b8082d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 272621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236868
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 23:15:54 GMT
expires: Fri, 20 Sep 2024 23:15:54 GMT
last-modified: Thu, 21 Sep 2023 23:07:47 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A1A6 40 KB
14 KB 60ms
60ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 25 Sep 2023 03:28:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6243 17 KB
6 KB 69ms
69ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 02:59:35 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CA7B 13 KB
5 KB 84ms
82ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 18637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Sep 2023 21:48:58 GMT
expires: Mon, 23 Sep 2024 21:48:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C822 829 B
792 B 61ms
60ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

0c789159fffed2c8ed68f3d0378f563aa5f47224b0eea72dbee7187a47297c48

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2JoLBoZRofrR5Wnk7nOhaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2JoLBoZRofrR5Wnk7nOhaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:59:35 GMT
expires: Mon, 25 Sep 2023 02:59:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 csi
csi.gstatic.com/ Frame E0CB 0
54 B 86ms
86ms Ping
image/gif 142.250.147.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmyavjk4&c=6780929860551&slotId=3390464930275.5&ghmsh_eids=31061775%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.147.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: rd-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C822 0
0 100ms
100ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230920&jk=2604262855037237&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/tai-ji-dian-ji-jin-hui-juan-zeng-zhong-guo-fu-yi-ling-jie-hong-fang-yi-cai-jian-zhan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame A7A8 43 B
362 B 65ms
65ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Mon, 25 Sep 2023 02:59:35 GMT
expires: Mon, 25 Sep 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 186421
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 01BB 43 B
855 B 100ms
99ms Document
image/gif 67.220.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22&redir=true&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.232 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 25 Sep 2023 02:59:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZCSVJZQJCBT774RDSA8D

GET
H2

200

cs Show response
cs-rtb.minutemedia-prebid.com/ Frame A160
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CJS-z1iWts4Tl7rMXcKimQyQucYTkO2eD5MWmJzJ
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

0
477 B

162ms
162ms

Document
application/javascript

18.239.18.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-44.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ads.pubmatic.com/
content-length: 0
content-type: application/javascript
date: Mon, 25 Sep 2023 02:59:36 GMT
server: istio-envoy
via: 1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
x-amz-cf-id: ADmN6emEr2vdZELekP7kzCU-hX3Oq6gX34a1fQx1ifLejwgQL1sGng==
x-amz-cf-pop: AMS58-P6
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0

Redirect headers

content-length: 117
content-type: text/html; charset=utf-8
date: Mon, 25 Sep 2023 02:59:35 GMT
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

cs Show response
cs-rtb.minutemedia-prebid.com/ Frame 6A6B
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2402692138260763539&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

0
476 B

327ms
327ms

Document
application/javascript

18.239.18.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-44.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ads.pubmatic.com/
content-length: 0
content-type: application/javascript
date: Mon, 25 Sep 2023 02:59:36 GMT
server: istio-envoy
via: 1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
x-amz-cf-id: lHedYud92v6WP2lzkJOs4mI6Us06HMDks4Jf9Y_VupaiTMsN0qi8yw==
x-amz-cf-pop: AMS58-P6
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0

Redirect headers

content-length: 117
content-type: text/html; charset=utf-8
date: Mon, 25 Sep 2023 02:59:34 GMT
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET /
dsp.adfarm1.adition.com/cookie/ Frame C5C8 0
0

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 9B7E
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=J0XTRd__XixJf2QPcFUibx8KmgA&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
0

77ms
77ms

Document
text/plain

198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private,max-age=86400
date: Mon, 25 Sep 2023 02:59:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Mon, 25 Sep 2023 02:59:36 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2 200 b9pj45k4 Show response
sync-tm.everesttech.net/upi/pid/ Frame 0E79 85 B
259 B 164ms
164ms Document
image/png 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Mon, 25 Sep 2023 02:59:36 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230064-FRA
x-timer: S1695610776.009403,VS0,VE94

GET

rtset
bh.contextweb.com/bh/ Frame B191
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEZi1rN0tJZThBQUJsb1RkQ1p6dw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AADf-k7KIe8AABloTdCZzw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7440678421575996197&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?ev=AADf-k7KIe8AABloTdCZzw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7440678421575996197%26gdpr%3D0%26gdpr_consen...

0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9AB5
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

67ms
66ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 25 Sep 2023 02:59:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Mon, 25 Sep 2023 02:59:36 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET bridge
cm.adgrx.com/ Frame 45CA 0
0

GET sync
t.adx.opera.com/pub/ Frame 0F50 0
0

GET cm
ipac.ctnsnet.com/int/ Frame A2FB 0
0

GET
H2

200

cs Show response
cs-rtb.minutemedia-prebid.com/ Frame 2CDE
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725412450400
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22

0
477 B

335ms
335ms

Document
application/javascript

18.239.18.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-44.ams58.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ads.pubmatic.com/
content-length: 0
content-type: application/javascript
date: Mon, 25 Sep 2023 02:59:36 GMT
server: istio-envoy
via: 1.1 428178e04c8c5f5460c3935b1e7203be.cloudfront.net (CloudFront)
x-amz-cf-id: 4AZhvdsAlGi1PwGlLOyircUvHGioLk__UX1XoykJ1eFqVqUEcNpvXQ==
x-amz-cf-pop: AMS58-P6
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 1

Redirect headers

content-length: 117
content-type: text/html; charset=utf-8
date: Mon, 25 Sep 2023 02:59:34 GMT
location: https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=25A99497-9394-4DDA-AD5C-BAAC00DC8C22
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET pubmatic
d5p.de17a.com/getuid/ Frame E825 0
0

GET pubmatic
ad.mrtnsvr.com/sync/ Frame 163F 0
0

GET cookiesync
core.iprom.net/ Frame 5F2E 0
0

GET
H2 200 i.match Show response
a.tribalfusion.com/ Frame F667 43 B
492 B 229ms
222ms Document
image/gif 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 80c00316183f0211-ZRH
content-length: 43
content-type: image/gif; charset=utf-8
date: Mon, 25 Sep 2023 02:59:36 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 4782 0
0

GET
H2 200 sync Show response
ads.servenobid.com/ Frame 1B75 0
357 B 105ms
100ms Document
text/html 52.214.251.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/sync?pid=316&uid=25A99497-9394-4DDA-AD5C-BAAC00DC8C22
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
content-type: text/html;charset=ISO-8859-1
date: Mon, 25 Sep 2023 02:59:36 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D6E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JamUl5OUTdqtXLqsANyMIg%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

67ms
66ms

Image
text/html

184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 184.30.16.195 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:36 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=93854
accept-ranges: bytes
content-length: 5606
expires: Tue, 26 Sep 2023 05:03:50 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Sep 2023 02:59:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET qmap
sync.crwdcntrl.net/ Frame D6E0 0
0

GET cr
cr.frontend.weborama.fr/ Frame D6E0 0
0

GET match
a.audrte.com/ Frame D6E0 0
0

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame D6E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBOYzNerjDlD9g39KJ47Lzs&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
153 B

111ms
110ms

Image
text/plain

198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:35 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Mon, 25 Sep 2023 02:59:36 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pubmatic
um.simpli.fi/ Frame D6E0 43 B
409 B 79ms
72ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 , Ascension Island, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 24 Sep 2023 02:59:36 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame D6E0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1859536638041122564
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
153 B

110ms
109ms

Image
text/plain

198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:35 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Mon, 25 Sep 2023 02:59:36 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D6E0 70 B
264 B 88ms
81ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Sep 2023 02:59:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET

SPug
image4.pubmatic.com/AdServer/ Frame D6E0
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=25A99497-9394-4DDA-AD5C-BAAC00DC8C22&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-F53eG.NE2uU3dhCxXZmBH1mFykN2XB8-~A&gdpr=0

0
0

GET
H2 200 25A99497-9394-4DDA-AD5C-BAAC00DC8C22
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D6E0 43 B
602 B 107ms
100ms Image
image/gif 54.77.73.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/25A99497-9394-4DDA-AD5C-BAAC00DC8C22?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.73.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-73-229.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame D6E0
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=0&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=0&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=da0563dd-315a-41fc-8028-808cd3770a70&ssp=pubmatic&expires=30&user_group=5&bsw_param=551fb62f-77b0-4afe-8782-b7992efe91d1
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=551fb62f-77b0-4afe-8782-b7992efe91d1&gdpr=&gdpr_consent=&gdpr_pd=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
219 B

90ms
90ms

Image
text/plain

198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:36 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Mon, 25 Sep 2023 02:59:36 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET pixelSync
pixel-sync.sitescout.com/dmp/ Frame D6E0 0
0

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame D6E0 0
0

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame D6E0
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4547393657392022718&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
153 B

104ms
103ms

Image
text/plain

198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 02:59:35 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Mon, 25 Sep 2023 02:59:35 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame D6E0 0
0

GET apn
ads.playground.xyz/usersync/ Frame D6E0 0
0

GET
H2 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame CA7B 37 KB
14 KB 67ms
66ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS