urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu....
Submission: On November 22 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 96 IPs in 12 countries across 88 domains to perform 426 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
8 152.199.21.70 15133 (EDGECAST)
32 151.101.65.44 54113 (FASTLY)
1 2 192.96.203.13 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
23 185.132.133.134 49981 (WORLDSTREAM)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 162.210.196.208 30633 (LEASEWEB-...)
2 2a04:4e42:400... 54113 (FASTLY)
8 23.97.225.52 8075 (MICROSOFT...)
2 9 51.89.9.253 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 51.83.220.94 16276 (OVH)
3 3 18.197.41.124 16509 (AMAZON-02)
2 2 188.42.34.64 7979 (SERVERS-COM)
1 185.180.223.67 49981 (WORLDSTREAM)
1 167.235.184.171 24940 (HETZNER-AS)
1 81.17.55.98 60781 (LEASEWEB-...)
3 2a02:2638:3::c 44788 (ASN-CRITE...)
26 2a00:1450:400... 15169 (GOOGLE)
3 2600:1f18:24e... 14618 (AMAZON-AES)
1 141.226.228.48 200478 (TABOOLA-AS)
2 2 23.37.42.132 16625 (AKAMAI-AS)
5 23.218.210.30 16625 (AKAMAI-AS)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 8 172.64.151.101 13335 (CLOUDFLAR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
3 6 185.89.210.153 29990 (ASN-APPNEX)
1 18.197.219.206 16509 (AMAZON-02)
1 23.218.209.56 16625 (AKAMAI-AS)
1 35.157.214.172 16509 (AMAZON-02)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
4 172.67.10.198 13335 (CLOUDFLAR...)
8 54.171.91.135 16509 (AMAZON-02)
1 3 147.75.84.158 54825 (PACKET)
3 35.186.253.211 15169 (GOOGLE)
1 3.248.171.173 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 151.101.1.44 54113 (FASTLY)
20 185.106.33.48 200478 (TABOOLA-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
14 18 69.173.144.138 26667 (RUBICONPR...)
5 212.8.243.37 49981 (WORLDSTREAM)
5 52.223.40.198 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 133.186.12.18 10010 (TOKAI TOK...)
3 4 2a05:d018:d29... 16509 (AMAZON-02)
2 4 52.95.126.138 16509 (AMAZON-02)
2 5 209.54.182.161 16509 (AMAZON-02)
8 31 142.250.186.162 15169 (GOOGLE)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.48.186.244 16509 (AMAZON-02)
1 1 52.70.1.191 14618 (AMAZON-AES)
5 5 3.71.149.231 16509 (AMAZON-02)
1 23.50.131.75 20940 (AKAMAI-ASN1)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
2 52.59.133.66 16509 (AMAZON-02)
6 2001:4860:480... 15169 (GOOGLE)
1 185.84.60.23 198622 (ADFORM)
8 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
3 104.18.36.155 13335 (CLOUDFLAR...)
2 2 35.186.193.173 15169 (GOOGLE)
1 1 172.105.213.147 63949 (AKAMAI-LI...)
4 4 64.74.236.31 22075 (AS-OUTBRAIN)
1 1 43.206.65.221 16509 (AMAZON-02)
1 54.92.58.92 16509 (AMAZON-02)
1 2 23.32.185.35 16625 (AKAMAI-AS)
1 1 193.108.153.6 20940 (AKAMAI-ASN1)
9 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
1 133.186.12.12 10010 (TOKAI TOK...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 1 154.59.122.79 174 (COGENT-174)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 178.250.1.9 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 142.250.185.198 15169 (GOOGLE)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 46.4.10.49 24940 (HETZNER-AS)
1 2600:1901:0:e... 396982 (GOOGLE-CL...)
1 141.226.224.32 ()
1 4 138.201.84.252 24940 (HETZNER-AS)
1 23.218.208.23 ()
1 151.101.129.108 ()
1 5 34.98.64.218 ()
1 13.32.27.10 ()
2 172.64.149.180 ()
1 76.223.111.18 ()
4 4 37.157.2.229 ()
1 2a00:1450:400... ()
1 51.75.147.170 ()
1 77.245.57.72 ()
2 2 216.52.2.39 ()
1 216.52.2.48 ()
1 1 193.0.160.130 ()
1 1 2.18.160.23 ()
1 1 82.145.213.8 ()
426 96
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
13    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
8    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
32    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
2    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
589a2de2f520fc258c621be717221702.safeframe.googlesyndication.com
23    185.132.133.134 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-134.hosted-by-worldstream.net
ad.vidverto.io
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
feedback.adrecover.com
e3.adpushup.com
9    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
5    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
3    18.197.41.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    185.180.223.67 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-67.hosted-by-worldstream.net
ad.vidver.to
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
1    81.17.55.98 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
26    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2600:1f18:24e6:b902:6857:abc2:e420:ab40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
2    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
5    23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
8    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
6    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    18.197.219.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-219-206.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com
a.teads.tv
1    35.157.214.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-214-172.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
8    54.171.91.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    3.248.171.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:223c:2e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
20    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
18    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
5    212.8.243.37 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-243-37.hosted-by-worldstream.net
cdn.vidverto.io
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    133.186.12.18 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p018.net133186012.broadline.ne.jp
js.genieessp.com
4    2a05:d018:d29:3602:4bb7:3e35:2446:7a5a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
31    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.48.186.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-186-244.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    52.70.1.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-1-191.compute-1.amazonaws.com
sync.ipredictive.com
5    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.50.131.75 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-75.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    2600:9000:2251:9200:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    52.59.133.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
match.sharethrough.com
6    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    185.84.60.23 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
6    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
3    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
gcm.ctnsnet.com
1    172.105.213.147 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1867-147.members.linode.com
a.c.appier.net
4    64.74.236.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    43.206.65.221 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-206-65-221.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    54.92.58.92 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-58-92.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
1    193.108.153.6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-6.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
9    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    133.186.12.12 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p012.net133186012.broadline.ne.jp
ialaddin.genieesspv.jp
2    2a02:26f0:480:25::1726:620a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dmp.im-apps.net
1    154.59.122.79 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
2    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de
hal9000.redintelligence.net
1    2600:1901:0:e207:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
audiencedata.im-apps.net
1    141.226.224.32 (None, )

ASN- ()
cds.taboola.com
4    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de
hal900024.redintelligence.net
1    23.218.208.23 (None, )

ASN- ()
contextual.media.net
1    151.101.129.108 (None, )

ASN- ()
acdn.adnxs.com
5    34.98.64.218 (None, )

ASN- ()
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
1    13.32.27.10 (None, )

ASN- ()
public.servenobid.com
2    172.64.149.180 (None, )

ASN- ()
js-sec.indexww.com
cdn.indexww.com
1    76.223.111.18 (None, )

ASN- ()
eb2.3lift.com
4    37.157.2.229 (None, )

ASN- ()
c1.adform.net
1    2a00:1450:4001:82b::200a (None, )

ASN- ()
ajax.googleapis.com
1    51.75.147.170 (None, )

ASN- ()
cdn.contentspread.net
1    77.245.57.72 (None, )

ASN- ()
sync.adkernel.com
2    216.52.2.39 (None, )

ASN- ()
ce.lijit.com
1    216.52.2.48 (None, )

ASN- ()
ap.lijit.com
1    193.0.160.130 (None, )

ASN- ()
p.rfihub.com
1    2.18.160.23 (None, )

ASN- ()
hbx.media.net
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
Apex Domain
Subdomains		 Transfer
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
ad.doubleclick.net — Cisco Umbrella Rank: 154
465 KB
56 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
trc-events.taboola.com — Cisco Umbrella Rank: 2170
vidstat.taboola.com — Cisco Umbrella Rank: 3029
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com
787 KB
48 googlesyndication.com
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
589a2de2f520fc258c621be717221702.safeframe.googlesyndication.com
469 KB
28 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io — Cisco Umbrella Rank: 40183
506 KB
27 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
41 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
305 KB
11 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
105 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum-sec.casalemedia.com
7 KB
10 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
101 KB
9 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
6 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
4 KB
9 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com
7 KB
9 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com
1009 KB
9 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
5 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net Failed
2 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
dis.criteo.com — Cisco Umbrella Rank: 597
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925
21 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com
22 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal900024.redintelligence.net — Cisco Umbrella Rank: 218079
11 KB
5 adform.net
adx3.adform.net — Cisco Umbrella Rank: 59130
c1.adform.net
cm.adform.net Failed
3 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1011 B
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
319 KB
5 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
2 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
4 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com
static.smilewanted.com
14 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
grid.bidswitch.net — Cisco Umbrella Rank: 1165
2 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
89 KB
3 lijit.com
ce.lijit.com
ap.lijit.com
2 KB
3 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 26793
audiencedata.im-apps.net — Cisco Umbrella Rank: 30155
3 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
509 B
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
sync.teads.tv — Cisco Umbrella Rank: 1403
1 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net
hbx.media.net
11 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com
10 KB
3 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
757 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
3 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
feedback.adrecover.com — Cisco Umbrella Rank: 88253
12 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
647 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
gcm.ctnsnet.com
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
69 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
917 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com
840 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
2 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
305 B
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
180 KB
1 opera.com
t.adx.opera.com
673 B
1 rfihub.com
p.rfihub.com
735 B
1 adkernel.com
sync.adkernel.com
1 contentspread.net
cdn.contentspread.net
24 KB
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
684 B
1 genieesspv.jp
ialaddin.genieesspv.jp — Cisco Umbrella Rank: 40856
643 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2858
1017 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7108
44 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 27875
514 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 15453
598 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
525 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
493 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
433 B
1 genieessp.com
js.genieessp.com — Cisco Umbrella Rank: 42330
4 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
642 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
518 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
ssbsync.smartadserver.com Failed
sync.smartadserver.com Failed
332 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
261 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 53225
154 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
258 B
1 bg3.co
www.bg3.co
static.bg3.co Failed
18 KB
0 company-target.com Failed
s.company-target.com Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 ad4m.at Failed
ad4m.at Failed
0 360yield.com Failed
ice.360yield.com Failed
0 adroll.com Failed
d.adroll.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 brand-display.com Failed
dmp.brand-display.com Failed
0 liadm.com Failed
i.liadm.com Failed
0 dotomi.com Failed
dclk-match.dotomi.com Failed
casale-match.dotomi.com Failed
0 disqus.com Failed
ssp.disqus.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 turn.com Failed
ad.turn.com Failed
0 yellowblue.io Failed
cs-server-s2s.yellowblue.io Failed
0 minutemedia-prebid.com Failed
cs-rtb.minutemedia-prebid.com Failed
0 pubmatic.com Failed
ads.pubmatic.com Failed
0 gumgum.com Failed
g2.gumgum.com Failed
426 88
Domain Requested by
31 cm.g.doubleclick.net 8 redirects www.bg3.co
googleads.g.doubleclick.net
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
adpushup-d.openx.net
26 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
www.bg3.co
tpc.googlesyndication.com
www.googletagservices.com
23 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
20 il-trc-events.taboola.com www.bg3.co
cdn.taboola.com
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.bg3.co
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 images.taboola.com www.bg3.co
13 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
11 pixel.rubiconproject.com 8 redirects www.bg3.co
csync.smilewanted.com
9 static.criteo.net ads.eu.criteo.com
cdn.adpushup.com
static.criteo.net
9 onetag-sys.com 2 redirects ad.vidverto.io
cdn.adpushup.com
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
public.servenobid.com
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
7 token.rubiconproject.com 6 redirects eus.rubiconproject.com
7 e3.adpushup.com www.bg3.co
6 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
6 csi.gstatic.com imasdk.googleapis.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
6 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
5 ups.analytics.yahoo.com 5 redirects ssum-sec.casalemedia.com
5 s.amazon-adsystem.com 2 redirects www.bg3.co
ssum-sec.casalemedia.com
5 match.adsrvr.org www.bg3.co
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
5 cdn.vidverto.io www.bg3.co
5 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
5 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
googleads.g.doubleclick.net
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
4 c1.adform.net 4 redirects
4 hal900024.redintelligence.net 1 redirects f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
hal900024.redintelligence.net
4 b1sync.zemanta.com 4 redirects csync.smilewanted.com
4 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
4 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
4 ib.adnxs.com 1 redirects cdn.adpushup.com
www.bg3.co
acdn.adnxs.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 ssum-sec.casalemedia.com js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
3 fonts.gstatic.com ad.vidverto.io
fonts.googleapis.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
cdn.taboola.com
googleads.g.doubleclick.net
3 rtb.openx.net cdn.adpushup.com
3 prebid.a-mo.net 1 redirects cdn.adpushup.com
3 htlb.casalemedia.com cdn.adpushup.com
3 http-intake.logs.datadoghq.com cdn.adpushup.com
3 trc.taboola.com cdn.taboola.com
www.bg3.co
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 x.bidswitch.net 3 redirects
3 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
3 f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 ce.lijit.com 2 redirects
2 us-u.openx.net adpushup-d.openx.net
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 secure.adnxs.com 2 redirects csync.smilewanted.com
2 d5p.de17a.com 2 redirects
2 dmp.im-apps.net js.genieessp.com
dmp.im-apps.net
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 match.sharethrough.com www.bg3.co
public.servenobid.com
2 pixel.tapad.com 1 redirects www.bg3.co
2 px.ads.linkedin.com 1 redirects www.bg3.co
2 prebid.smilewanted.com cdn.adpushup.com
2 secure-assets.rubiconproject.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 region1.google-analytics.com www.googletagmanager.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 t.adx.opera.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 hbx.media.net 1 redirects
1 p.rfihub.com 1 redirects
1 ap.lijit.com public.servenobid.com
csync.smilewanted.com
1 sync.adkernel.com public.servenobid.com
1 cdn.contentspread.net hal900024.redintelligence.net
1 ajax.googleapis.com hal900024.redintelligence.net
1 eu-u.openx.net adpushup-d.openx.net
1 cms.quantserve.com 1 redirects
1 eb2.3lift.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 cds.taboola.com cdn.taboola.com
1 audiencedata.im-apps.net dmp.im-apps.net
1 pips.taboola.com cdn.taboola.com
1 hal9000.redintelligence.net f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
1 rtb.nl3.eu.criteo.com www.bg3.co
1 ad.doubleclick.net f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
1 dis.criteo.com f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
1 ums.acuityplatform.com 1 redirects
1 ialaddin.genieesspv.jp www.bg3.co
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 analytics.pangle-ads.com 1 redirects
1 cc.adingo.jp googleads.g.doubleclick.net
1 ds.uncn.jp 1 redirects
1 a.c.appier.net 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 ads.eu.criteo.com f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 adx3.adform.net imasdk.googleapis.com
1 live.primis.tech www.bg3.co
1 hb.yahoo.net www.bg3.co
1 sync.ipredictive.com 1 redirects
1 match.prod.bidr.io www.bg3.co
ssum-sec.casalemedia.com
1 js.genieessp.com www.bg3.co
1 589a2de2f520fc258c621be717221702.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 s0.2mdn.net imasdk.googleapis.com
1 vidstat.taboola.com cdn.taboola.com
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 trc-events.taboola.com cdn.taboola.com
1 prg.smartadserver.com ad.vidverto.io
1 inv-nets.admixer.net ad.vidverto.io
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 feedback.adrecover.com www.bg3.co
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 s.company-target.com Failed ssum-sec.casalemedia.com
0 match.adsby.bidtheatre.com Failed ssum-sec.casalemedia.com
0 casale-match.dotomi.com Failed ssum-sec.casalemedia.com
0 ad4m.at Failed ssum-sec.casalemedia.com
0 cm.adform.net Failed csync.smilewanted.com
0 u.openx.net Failed csync.smilewanted.com
0 ice.360yield.com Failed csync.smilewanted.com
0 sync.smartadserver.com Failed csync.smilewanted.com
0 d.adroll.com Failed ssum-sec.casalemedia.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 dmp.brand-display.com Failed ssum-sec.casalemedia.com
0 i.liadm.com Failed ssum-sec.casalemedia.com
0 dclk-match.dotomi.com Failed f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
0 ssp.disqus.com Failed public.servenobid.com
0 sync.go.sonobi.com Failed public.servenobid.com
0 ad.turn.com Failed public.servenobid.com
0 cs-server-s2s.yellowblue.io Failed public.servenobid.com
0 cs-rtb.minutemedia-prebid.com Failed public.servenobid.com
0 ads.pubmatic.com Failed public.servenobid.com
csync.smilewanted.com
0 ssbsync.smartadserver.com Failed public.servenobid.com
0 g2.gumgum.com Failed public.servenobid.com
0 static.bg3.co Failed www.bg3.co
426 153

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.adrecover.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-10 -
2024-11-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-16 -
2024-11-26		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2023-09-13 -
2024-10-12		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2023-03-31 -
2024-04-30		 a year crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
contentspread.net
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh

This page contains 64 frames:

Primary Page: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Frame ID: BA8144B3EA900D14BB36D5C55AD275FB
Requests: 184 HTTP requests in this frame

Frame: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 02AD561B504CBA4CA846629F8FAA259F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9O7lC9BFahUqJbj4b21U-KwenMfQZc32jnkuN_4_DEN2L2NquC5sIyJsyxhCjR0q2YtU_YKulkhDBuIRiy6Gf86tyZADgFnTGE8PQgwrnxD8tvIxC-cvZEhuNJBppRx5euK6zYYWVu88m0MM2dMGgZq6q2KDs35N1xqZGEXbZxtJmdxp5jXoKn_jrV_NMvoR10fAePW8BKAdzY6Z3foSGL-6Qw6zr5NQHEaIu-q2r0niTOfUMismmBLnaEYPpXEYSYWNswMMUWdPXQfd80RemflR7CTi7s-zGGvjMIea7cbRWSnVPIqpwMKY4IhtbMXaDow&sai=AMfl-YS0gxlTS3bZvM_1B80EkKiqtt1Ap5F1nc6y3QxPhpE3rfcMl02rIj2-wzg-KTbr0D9vWEQzfFweMSgJvFXisggTr_drGUBpezjEoaGuiWPY2CEi9P_mjGdwDtk07a4bUvOatSu2gV7i1YScq-bjIqK79j7Dge3wkvY96g&sig=Cg0ArKJSzExvJPgyd8FoEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: D56B8D38B80227026681079C43E28AD7
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 0A8E25F47DCDD9186D3183BF993AA5A5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: BE14AB2B3B211A5F69B7D6EB8A5577F5
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: BEB4961D2B81BEF570CF21BADD43CD9E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 6131E245AE6807309EEEA69C279E52FF
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 4092A86C70BBD6DAE3FCFF4B64BF9E86
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: CCF05745C5065FC94D89EA80BE5B06EF
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A37D030F983F8BA1FCFF8990597E12EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Frame ID: 59BF07B70FC5AA2493F6BFFDA36D5D49
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 67AC00C99A0A6B7C8D36D37DFCB3D393
Requests: 2 HTTP requests in this frame

Frame: https://589a2de2f520fc258c621be717221702.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B06E2D6E665265ABE458C1B2A01B6701
Requests: 1 HTTP requests in this frame

Frame: https://js.genieessp.com/t/550/967/a1550967.js
Frame ID: B7289553619C1AA3594414A8B0183560
Requests: 6 HTTP requests in this frame

Frame: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4AB2B48BD00666ADA745A19B7986A1C0
Requests: 17 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 51568063999F8BD3413EF6289147FE7F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 398F7364BE0CDC06C12C7079A45B02D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D668F1B592AC4EB36035BB6F0846E95B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 64334B7BEF29AF766DA7DDADA61AB537
Requests: 2 HTTP requests in this frame

Frame: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E3CE7F58D82FEBDA47C8B7C2BAB5909A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B88D4E28CB70DA7410878B509BBFD5DA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51544639DF8B984A5D64AF1DAC5BD231
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNWr1KmhJmlx-NCSdJX3rLaiupoOjuQnTaFx45iH_PEmnK9AEgUO7JiBr9mor5seQaoOMv8y6vXuE8yD7MERYfKaSXEVgw
Frame ID: 5AC2D1A0787C542697E323D36548EB9A
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: B331CAE46594BBC6E23D09B99AD2A0EB
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 18F3E7BA7A587061D5F5CF3F4AC0D19C
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: D0EDF37D5908A7C8AC4FB8867DD56B2C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0EAF2A007C9470A1C6D9B9EF3AC7DB25
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 89B1F54EA13F0491216C75F23BDF6775
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 840BDA9095EE43F18CC6FE29C90C4AF8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4A78CAF5521041D7494A61D27A7EAB5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2E896D974297EAC00574F2854C5DCDEE
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: DFA107DC887BD861E581BA85E786FA7C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: ACECB1B1716E3D76B86233071EB20385
Requests: 3 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: A661A892BBF05E8F9087DB86420CE29D
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700665965483
Frame ID: 212F3D85A0C9A02B41D48D16CADAECA3
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 3CE430C98C664925C034FC086C26B474
Requests: 13 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: E65D3A0BB4DBA33246EB2D5E40425BF6
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 58AF43C8D7E3EF4C1428E7C80F733C10
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: A93FFCAF7B2A836D611254DE834530B7
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3DD955A1EFB846005C86BA2352D1B3F9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5ECCB68F1FFD3A9ACFC94050ACBE407A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700665965351
Frame ID: A36D920E72C957A4C597D0482DA1623A
Requests: 1 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=83486300101444504438466012516024&a=0a0d8026
Frame ID: 7FD61794DC55E87662C22148D0360C33
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BBF4E17710A0CF4E4A4782B993B3C5D2
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CF2F7211E4AEB908D4676B6910E6F017
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: EABD3967391C20BBCB4B1FFD5AEAF8E1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: C69CC4C44643DA04FC3AD6DE10A2E9C1
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 3A1E3A63E1EC2B596087E7477A11DB37
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: E9A64D4E2606D9DDE73C14E9B26F66D2
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 15F39EC0A3AE88CBE420E46BC51E6FCD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 0393DE6C8419F7A8D1A586C12953A0C0
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: AD89C867107B42D4AC87CF7AB3E90EA5
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: D5E718BA0540C777570916B757884A88
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: F74C5B9ED9BEC15BA75FBDAFF15C6147
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: EC9B74DFD9FAB5D77E0B19D2F58BC865
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
Frame ID: 8546549A1FDDC4BC0F18A19D93879F8B
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
Frame ID: 097DBAE3B82011BD106414A87028B090
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 230D1D681D688907FC5FB9EFAB27B5F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 49175FB9CC01D9569761C5D97B2D3278
Requests: 1 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: 0155A1A2E6FBA7694AEEB7011443DD24
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
Frame ID: A383F7669ECE243A7DB7363E6BA77044
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: CBF000E1508378B5B96D4F4E6794AE4F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 5BADE064A8DD99BC686567FC8B42F80D
Requests: 1 HTTP requests in this frame

Frame: https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
Frame ID: 79003592F7319DED2016344E28F6C6A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

426
Requests

75 %
HTTPS

32 %
IPv6

88
Domains

153
Subdomains

96
IPs

12
Countries

4682 kB
Transfer

17202 kB
Size


Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 56
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=a6b86ef7-66b6-4871-a09a-6977d2ca2d0f&p_id=23
Request Chain 57
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=672f6401-02e3-407e-88ae-702c014f8658&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=672f6401-02e3-407e-88ae-702c014f8658&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-1702271325751588014 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=be21788f-c6ba-5246-9631-e2cff36ff8a2&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=8c20d9cb-95ce-4da4-ad0c-e0ef93420e05&p_id=15
Request Chain 78
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 167
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP9WLTD0-G-2H8 HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP9WLTD0-G-2H8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 185
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/sXFnZ7PtI_ko97xEPS-8DQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cI0ibVBE2oLt4Xb0tuCTu5sJ7HpBzJzXQNHz0Q--~A
Request Chain 186
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=c71_PTS8R2CJzdH7vSvYdw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c71_PTS8R2CJzdH7vSvYdw
Request Chain 187
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FnV0fxOQQ8SW9KemITNq1A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FnV0fxOQQ8SW9KemITNq1A
Request Chain 188
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWY2ZjEwNjUzMTNiMjU0MTgxNTQ5NWE5ZGMyNzczMGNjZmNhMDgxMg
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJRLxShYdtkkv4C9PEeVPDE&google_cver=1
Request Chain 191
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LP9WLTD0-G-2H8&ex=d-rubiconproject.com&status=ok
Request Chain 192
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA5V0xURDAtRy0ySDg= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENqs5eWdHZdAlArJTIJl-Ac&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5V0xURDAtRy0ySDg=&google_push=
Request Chain 193
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP9WLTD0-G-2H8
Request Chain 195
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=627c327b-88a2-4cbf-8988-a549aea27485&expires=30
Request Chain 196
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP9WLTD0-G-2H8&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP9WLTD0-G-2H8&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP9WLTD0-G-2H8&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yXzcuRnU1RTJ1SF9IMGFIUjNEdHB1LjdsN1d0R1duSn5B&ovsid=LP9WLTD0-G-2H8&dpid=58160
Request Chain 197
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP9WLTD0-G-2H8
Request Chain 198
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP9WLTD0-G-2H8 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP9WLTD0-G-2H8
Request Chain 199
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP9WLTD0-G-2H8
Request Chain 200
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP9WLTD0-G-2H8
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyctI62ALuw6V1uBwWL0ms&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyctI62ALuw6V1uBwWL0ms&google_cver=1&C=1
Request Chain 256
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV4abyeknWApKLJL0ncBIgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyctI62ALuw6V1uBwWL0ms&google_cver=1
Request Chain 259
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECYgO_VucuXxDamdwBCwlLA&google_cver=1&google_push=AXcoOmReeOzyetPiTlNqm_fl1gH9m47ELwOz8cWLJeuFNjGfBQ-ffNSy_oh-BJ1fVapY-XxZyWqRx0dd49xpHxOEpZ7Bs0ec__mB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmReeOzyetPiTlNqm_fl1gH9m47ELwOz8cWLJeuFNjGfBQ-ffNSy_oh-BJ1fVapY-XxZyWqRx0dd49xpHxOEpZ7Bs0ec__mB&google_hm=uPoi-aXLT1eR5JgcMear5AU
Request Chain 260
  • https://a.c.appier.net/gcm?google_gid=CAESEJ22qDup1K_oqQV_6eGgIrc&google_cver=1&google_push=AXcoOmQv_nTTdsH42HXs8EdBVHq2eYkehUShKX9yduD6g6qAXcsQB9vS4pdUfOi97wj97UhO--1hYrBecmzzPVEDeMxgIftk8gVqhw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Qk93SlpULXNDUWVMeENfMWNCcGVaUQ%3D%3D&google_push=AXcoOmQv_nTTdsH42HXs8EdBVHq2eYkehUShKX9yduD6g6qAXcsQB9vS4pdUfOi97wj97UhO--1hYrBecmzzPVEDeMxgIftk8gVqhw
Request Chain 261
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEZDk6I1CEsJ5ynPGWfdtFM&google_cver=1&google_push=AXcoOmQDzo7ZGxiS76tiLaKUx1sF22YGb-B8YTiZmsg_3695Qu-L_ggiqr9_W5Y-tlHQogbiF0TIpEXpCVcKUDk2e5gfkJdMLL6u HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEZDk6I1CEsJ5ynPGWfdtFM&google_push=AXcoOmQDzo7ZGxiS76tiLaKUx1sF22YGb-B8YTiZmsg_3695Qu-L_ggiqr9_W5Y-tlHQogbiF0TIpEXpCVcKUDk2e5gfkJdMLL6u&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQDzo7ZGxiS76tiLaKUx1sF22YGb-B8YTiZmsg_3695Qu-L_ggiqr9_W5Y-tlHQogbiF0TIpEXpCVcKUDk2e5gfkJdMLL6u&google_hm=V29HeE5CVTJfNVF1eFh5eGxBaGc=
Request Chain 262
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEJlWPJSRNX9W1fGkax3JuiY&google_cver=1&google_push=AXcoOmQMwX0FAth_V_AIHcMpsUR7AR1evq68xCZKOkOdd8Ll79M78RUcF4VgbKETnmDxscFATKS2q1AnzOc4H3yWYB1F1e5tbCbwqA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQMwX0FAth_V_AIHcMpsUR7AR1evq68xCZKOkOdd8Ll79M78RUcF4VgbKETnmDxscFATKS2q1AnzOc4H3yWYB1F1e5tbCbwqA&google_hm=AYa0bcGcHUYhtwWXHXCX-qE
Request Chain 264
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMDCiFn1OCO3E2BOniBX4gU&google_cver=1&google_push=AXcoOmTUJschtdX2KSA3Bu_Smzh8tPR03OQOtU8LutKs_FKE4i4BT9i68WhWgSGSh-RCoMS5bCN8O9QcLP4kPfTct_fUyIdaYnNrtBQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ODY5NzZmNzgtMjUxNS00Yzg1LTljODAtZWYyZjExNmRlNGRj&google_push=AXcoOmTUJschtdX2KSA3Bu_Smzh8tPR03OQOtU8LutKs_FKE4i4BT9i68WhWgSGSh-RCoMS5bCN8O9QcLP4kPfTct_fUyIdaYnNrtBQ HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 265
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEDeOAy0oBDI9y7zmtTBFe9k&google_cver=1&google_push=AXcoOmSFsv8I_EBZu2QaTeIJV9LPCOOO7rfaA2PSkr-Q4EyztieoCXIZ-lsHCSDkVClwLP1EEimsuXvLI5sEv_KQVmFRCG1RkLb1qg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSFsv8I_EBZu2QaTeIJV9LPCOOO7rfaA2PSkr-Q4EyztieoCXIZ-lsHCSDkVClwLP1EEimsuXvLI5sEv_KQVmFRCG1RkLb1qg
Request Chain 289
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 291
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESELgiekW1E7F_xi7FBhQzLNo&google_cver=1&google_push=AXcoOmSdrAYRqkzKZ5psyBIpblmlLHcfAuNWqOk7z40aUdrbSD28yL3rMJy7wKaMsJT_sZxAqr2PaP1jVjZ_uQLpPmjy_zfHs6et HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855432713752&us_privacy=1---
Request Chain 292
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJm9DbEFARnkcCp4N5JO8tw&google_cver=1&google_push=AXcoOmQw3_3zY1YOfFqGPYq1j8ZY38Z_8VUJWRpf2BcHYhWe3Rxi6rFS7aajwdJQs_pziGu_nFHISEv03az0nP9i9wNZ5WylRrE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw3_3zY1YOfFqGPYq1j8ZY38Z_8VUJWRpf2BcHYhWe3Rxi6rFS7aajwdJQs_pziGu_nFHISEv03az0nP9i9wNZ5WylRrE&google_hm=eS05aGtRNDJaRTJwRUdUYzZXUUd0SzNhak54V1VzcE0uSH5B
Request Chain 293
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECII1k9KoU5--vZU6BMDkAw&google_cver=1&google_push=AXcoOmSu1ew0KDSfRikZYayLMW0ox_b6mYxNVcCLXskMd3_71aIsX0WdehdvowKoyvLLzYf78_TyunfT2KVnbxf7tTv_TSG1a7bg HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECII1k9KoU5--vZU6BMDkAw&google_cver=1&google_push=AXcoOmSu1ew0KDSfRikZYayLMW0ox_b6mYxNVcCLXskMd3_71aIsX0WdehdvowKoyvLLzYf78_TyunfT2KVnbxf7tTv_TSG1a7bg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSu1ew0KDSfRikZYayLMW0ox_b6mYxNVcCLXskMd3_71aIsX0WdehdvowKoyvLLzYf78_TyunfT2KVnbxf7tTv_TSG1a7bg
Request Chain 295
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEZDk6I1CEsJ5ynPGWfdtFM&google_cver=1&google_push=AXcoOmQ0USKKtcMbXZR2rRv9glBJV77BiUs1gbKE-gpdEE0toXdeDYupCI4Z6_PpKzzANfy_NYLjcgosMUx_OKDWyblplnz25ec HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEZDk6I1CEsJ5ynPGWfdtFM&google_push=AXcoOmQ0USKKtcMbXZR2rRv9glBJV77BiUs1gbKE-gpdEE0toXdeDYupCI4Z6_PpKzzANfy_NYLjcgosMUx_OKDWyblplnz25ec&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ0USKKtcMbXZR2rRv9glBJV77BiUs1gbKE-gpdEE0toXdeDYupCI4Z6_PpKzzANfy_NYLjcgosMUx_OKDWyblplnz25ec&google_hm=V216U1BtcnBIRUdpV2NBVWdnSWw=
Request Chain 296
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN2x9GfqBLdtbyOCMHJkWjc&google_cver=1&google_push=AXcoOmQqH1THScIV4Nd6hyTYqUuYb6gg_6e4-rBGPqMToemprMdz5O487A46BAktwhe9uh8wHyGEdmDfUoSCTTy80MALSkm8dWaFQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqH1THScIV4Nd6hyTYqUuYb6gg_6e4-rBGPqMToemprMdz5O487A46BAktwhe9uh8wHyGEdmDfUoSCTTy80MALSkm8dWaFQQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 297
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELzBW_Skh4IQqv_kYMTB-Iw&google_cver=1&google_push=AXcoOmQIVe7mJMBJXWdABUygy-CMv2w1WIl81sN4Swh-kGbXf0qnEPvJQMq6Ow3KzuIztspdYl9yTODucS7ZpYvZkxu6kqTiYAp7-w HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESELzBW_Skh4IQqv_kYMTB-Iw%26google_cver%3D1%26google_push%3DAXcoOmQIVe7mJMBJXWdABUygy-CMv2w1WIl81sN4Swh-kGbXf0qnEPvJQMq6Ow3KzuIztspdYl9yTODucS7ZpYvZkxu6kqTiYAp7-w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjYzNDYzNTUxODM3NjI0NTA2Ng%3D%3D&google_gid=CAESELzBW_Skh4IQqv_kYMTB-Iw&google_cver=1&google_push=AXcoOmQIVe7mJMBJXWdABUygy-CMv2w1WIl81sN4Swh-kGbXf0qnEPvJQMq6Ow3KzuIztspdYl9yTODucS7ZpYvZkxu6kqTiYAp7-w
Request Chain 327
  • https://hal900024.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=67dfd4f96e&subid=&uid=e4e6fccdabd8cd35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKf3NbhpeZaZGk4GO7A_lo6G4C5HB0Jtpm-iDktwP8C4QASC6hMAzYPWFgID8A8gBCakC1KYofuhIsj6oAwHIA5sEqgScAk_QUV-M58sfJ5j_JLw2q4pPPsS5yq8TdNG0n013wVk2QyBt0Ck6LUG_GGbny3a0L582i2Q5imyEK36qJQM8LdQiLliuM3yt9FDuQ8xOTWd0WWtsG7kbre2Yy58dC5BbfN_Mavi2-mxG6IrWIM1y_4XSSnJgMEwk-X6cynnkFHN-CC79uM1YguyDJ2PbYjdydWl6Kerj_YoT4AQHHc0KysZAwddBP6hRBPoJs3U3QsnXC6Hr1Sw-W80rE2WRAh2jIRhv42Hoxdiajin8u3YN4fE_qlmeBjUJ53LefuO2oGXGH2VbUMhwrLhAHMIAzkFSyrWd8yzAmL5OrPQIFELlKMroHWP2RiSBdkG2pD7P1KtsKyYO9pP7beZiAK6rwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQK7u7ECqg0CQ0jiDRMI_feitvLXggMVk4CDBx3lUQi3sBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNw1w5-u9e_geBkUXsyvsSEXyaVE930IVBLIuCyHTOAIAAxTEEpfmIkOYLbfHaN7zqpwyeSQpsGAE%26sig%3DAOD64_2mhcWr6OnasuH7W5FPypuYD_Zf1A%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-A3iqFlEJycjUikJJhKUZ66Qqsjat3dwJJisg5MagNyPxgbjG2cEICgyep5uqKtn8zHt4xz4hZ1cG589oce-7r-KjlUbfmq-phRWSMVqjgBEPh-Uii2NYu7Pk7N_RKONj1RwFTEHs9lxV9_QE3FJgGR-YmE_6AVc_f9dOsoyECy5WI1Rus%26cry%3D1%26dbm_d%3DAKAmf-Au_J3ecuZPV1r-t7PvKRG-375EQVG_PgnA5fhoKR3UWDc8e7gmDan5B-EfZJ1e_QKChsIn3ucBgtjBC9huTtH5c1VKrCNaJPB3b_0tbWwD3bAlYzRJiU442C-BcjDegx-6vVnTizxlg3VfJ7D0eLAMpzaPSg2KB95vqswZkMzYDSJj9cYgGgOLCkMRNOX9OTOLkKQcF8BCA4HwHLAEQkeLbTS6aR0YsUH7h6EXHijEan9mZbXFAi0CpQIzY9y6PnxY-PoIVoGGaJSxJWa-as4n0EFnp2z7dvCH6fHtfggEY4l7vF1xjLSl-ItXzQ96Hv0FastB7h0A2N0z7ECmjedOSIxOhTwQPY0dLovH6F0ir90ZemwIYlwwxPQDl9D993Ma8PDmlle1vNIDTnuZh91HLISoRO28wvMcQtwnIClWq5bKjGfj--ELec-Paa0iP61L4VjmW_k7loc79JFZqDYJzEH8OMHrpusl78SPBvwPOPoLtW8UZBXapIz5AcAkv6at5mNnQdjY0o6BiVqMGKGmyjrbzssvhTbVBNHLiyTKt_kKw9pCMwllpWkuUI3O3Kh3A5vGrxT_Z0Jizz-sk5GmqZyhSUc3TU-5WzpNGTJr9qiJEAXykhLx1g4Nch-AO55MgUpt5oReRNlICLrnvTYf1nxhtf2hdcU3FMi5YAebOOh-Pio%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9784680092510&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900024.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=67dfd4f96e&subid=&uid=e4e6fccdabd8cd35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKf3NbhpeZaZGk4GO7A_lo6G4C5HB0Jtpm-iDktwP8C4QASC6hMAzYPWFgID8A8gBCakC1KYofuhIsj6oAwHIA5sEqgScAk_QUV-M58sfJ5j_JLw2q4pPPsS5yq8TdNG0n013wVk2QyBt0Ck6LUG_GGbny3a0L582i2Q5imyEK36qJQM8LdQiLliuM3yt9FDuQ8xOTWd0WWtsG7kbre2Yy58dC5BbfN_Mavi2-mxG6IrWIM1y_4XSSnJgMEwk-X6cynnkFHN-CC79uM1YguyDJ2PbYjdydWl6Kerj_YoT4AQHHc0KysZAwddBP6hRBPoJs3U3QsnXC6Hr1Sw-W80rE2WRAh2jIRhv42Hoxdiajin8u3YN4fE_qlmeBjUJ53LefuO2oGXGH2VbUMhwrLhAHMIAzkFSyrWd8yzAmL5OrPQIFELlKMroHWP2RiSBdkG2pD7P1KtsKyYO9pP7beZiAK6rwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQK7u7ECqg0CQ0jiDRMI_feitvLXggMVk4CDBx3lUQi3sBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNw1w5-u9e_geBkUXsyvsSEXyaVE930IVBLIuCyHTOAIAAxTEEpfmIkOYLbfHaN7zqpwyeSQpsGAE%26sig%3DAOD64_2mhcWr6OnasuH7W5FPypuYD_Zf1A%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-A3iqFlEJycjUikJJhKUZ66Qqsjat3dwJJisg5MagNyPxgbjG2cEICgyep5uqKtn8zHt4xz4hZ1cG589oce-7r-KjlUbfmq-phRWSMVqjgBEPh-Uii2NYu7Pk7N_RKONj1RwFTEHs9lxV9_QE3FJgGR-YmE_6AVc_f9dOsoyECy5WI1Rus%26cry%3D1%26dbm_d%3DAKAmf-Au_J3ecuZPV1r-t7PvKRG-375EQVG_PgnA5fhoKR3UWDc8e7gmDan5B-EfZJ1e_QKChsIn3ucBgtjBC9huTtH5c1VKrCNaJPB3b_0tbWwD3bAlYzRJiU442C-BcjDegx-6vVnTizxlg3VfJ7D0eLAMpzaPSg2KB95vqswZkMzYDSJj9cYgGgOLCkMRNOX9OTOLkKQcF8BCA4HwHLAEQkeLbTS6aR0YsUH7h6EXHijEan9mZbXFAi0CpQIzY9y6PnxY-PoIVoGGaJSxJWa-as4n0EFnp2z7dvCH6fHtfggEY4l7vF1xjLSl-ItXzQ96Hv0FastB7h0A2N0z7ECmjedOSIxOhTwQPY0dLovH6F0ir90ZemwIYlwwxPQDl9D993Ma8PDmlle1vNIDTnuZh91HLISoRO28wvMcQtwnIClWq5bKjGfj--ELec-Paa0iP61L4VjmW_k7loc79JFZqDYJzEH8OMHrpusl78SPBvwPOPoLtW8UZBXapIz5AcAkv6at5mNnQdjY0o6BiVqMGKGmyjrbzssvhTbVBNHLiyTKt_kKw9pCMwllpWkuUI3O3Kh3A5vGrxT_Z0Jizz-sk5GmqZyhSUc3TU-5WzpNGTJr9qiJEAXykhLx1g4Nch-AO55MgUpt5oReRNlICLrnvTYf1nxhtf2hdcU3FMi5YAebOOh-Pio%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9784680092510&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 344
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 359
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=T5hJsEjMSrFUzErnS85RtE_OGLRUlR3sSp7LbDq8
Request Chain 360
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7623712943744125039
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIcauerdYAs-6wpXFIpdj5E&google_cver=1
Request Chain 374
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 379
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6634635518376245066
Request Chain 380
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HswwvRZHBCPRWlXBSX-7sPqr
Request Chain 382
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700665969962 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4841029381
Request Chain 383
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5133329528946304826
Request Chain 385
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 386
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-s3z6PZhE2uHY0l2ipW.mkcPr8EzzaScKmuJHN48-~A
Request Chain 388
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-s3z6PZhE2uHY0l2ipW.mkcPr8EzzaScKmuJHN48-~A
Request Chain 390
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 393
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOOA9_9yYRQbcdhbw5ABJqM&google_cver=1&google_push=AXcoOmS2L5YJi9Ka3WBrnp-Od9H9LH8JbNeV_7kXAG9xaXuf3-cvPNXOv-hxzDiZQPwHDRUtNs9CbXp2FisqFf7BDqYNZGouAogI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS2L5YJi9Ka3WBrnp-Od9H9LH8JbNeV_7kXAG9xaXuf3-cvPNXOv-hxzDiZQPwHDRUtNs9CbXp2FisqFf7BDqYNZGouAogI
Request Chain 394
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELoqXAcoHoyBNn8lPBajbgU&google_cver=1&google_push=AXcoOmSybnfmHzQbczRqcwb6Wav3lmX8ZCNBudzpJnz-493tzUx6CuIfTVUQ_Gyqfis8z4GTJpCLTsRWNMZMCRgRgCehWXsKJ84n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSybnfmHzQbczRqcwb6Wav3lmX8ZCNBudzpJnz-493tzUx6CuIfTVUQ_Gyqfis8z4GTJpCLTsRWNMZMCRgRgCehWXsKJ84n&google_hm=uPoi-aXLT1eR5JgcMear5AU
Request Chain 395
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJm9DbEFARnkcCp4N5JO8tw&google_cver=1&google_push=AXcoOmSKQxqCMTtNKxhykkBjWSEgQ63XvMiSQGGpgK_tEkbpygFCS32G3rWL4QGHJRIwkg7E-k9OQdsq6Hk7cdTwDhxpRDQr3FQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSKQxqCMTtNKxhykkBjWSEgQ63XvMiSQGGpgK_tEkbpygFCS32G3rWL4QGHJRIwkg7E-k9OQdsq6Hk7cdTwDhxpRDQr3FQ&google_hm=eS05aGtRNDJaRTJwRUdUYzZXUUd0SzNhak54V1VzcE0uSH5B
Request Chain 396
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKfayzPiv36SxA0DGe4GMys&google_cver=1&google_push=AXcoOmTxyjEcOSMiE6h9SwJo30ywogx4xx1VxRCUHO44M37D88ZP0WAY5BvWmHQ2iloi5lu7j3WwcYaAc9aldavKYoE9YANqALSU HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKfayzPiv36SxA0DGe4GMys&google_cver=1&google_push=AXcoOmTxyjEcOSMiE6h9SwJo30ywogx4xx1VxRCUHO44M37D88ZP0WAY5BvWmHQ2iloi5lu7j3WwcYaAc9aldavKYoE9YANqALSU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NTQxNjE0NjA5NDg0NzM5NA&google_push=AXcoOmTxyjEcOSMiE6h9SwJo30ywogx4xx1VxRCUHO44M37D88ZP0WAY5BvWmHQ2iloi5lu7j3WwcYaAc9aldavKYoE9YANqALSU
Request Chain 397
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN2x9GfqBLdtbyOCMHJkWjc&google_cver=1&google_push=AXcoOmSoxlhHA8CkK-6iksbBK93mm5Vx4H_NYd79oGzyYvADSjF28AfNj90zdPmxmxki0oZ8Dl_YpAPsrX42jpMKnssyiP66fY2L HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSoxlhHA8CkK-6iksbBK93mm5Vx4H_NYd79oGzyYvADSjF28AfNj90zdPmxmxki0oZ8Dl_YpAPsrX42jpMKnssyiP66fY2L
Request Chain 398
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQHACVu5ml0N-VNMQ5tp3zB4YtbipSfMtzo3HGHIGZYJZfOdpNZ-LA_PJCX9okfIjugevL5x-GuF8MvuUr9wPMw4VbKe_Hz&google_gid=CAESEOVWPg7WhzIEoLF_QRR50Uc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVWPg7WhzIEoLF_QRR50Uc&google_hm=T1BVYzAyZDIwNTk0OTQxNGY0MGI1NjVkOTQ3MWJjYjI4MTE&google_nid=opera_norway_as&google_push=AXcoOmQHACVu5ml0N-VNMQ5tp3zB4YtbipSfMtzo3HGHIGZYJZfOdpNZ-LA_PJCX9okfIjugevL5x-GuF8MvuUr9wPMw4VbKe_Hz
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV4abyeknWApKLJL0ncBIgAACK8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO0ktZnm5RfNATaNfM1X84o&google_cver=1
Request Chain 427
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6634635518376245066

426 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
www.bg3.co/a/ 		62 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
99b01e9d64224a9950e9f2f7dd41304b681c567d63c77b83431d2219cdf48133

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 22 Nov 2023 15:12:43 GMT
etag
"f690-qrh5a0piUW5a1avSiGVDKGBoNJk"
expires
Wed, 22 Nov 2023 15:13:43 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 22 Nov 2023 15:12:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73200
x-xss-protection
0
server
sffe
etag
"b209cac081bc437c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 15:12:44 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 22 Nov 2023 15:12:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9651
x-xss-protection
0
server
sffe
etag
"e5d8e2e1a4e85f74"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 15:12:44 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4f11d5ee2a95f5f8d31013abb3e3518f061bcf8c2a016ba8d7eccca64b8bc89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30390
x-xss-protection
0
server
cafe
etag
276 / 19683 / 31079658 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:44 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a89fc52e48d2c6ac580b984fc9b3e92ac5f809c782a5a61cfc15b7a6a358044
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91440
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Nov 2023 15:12:44 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Nov 2023 11:24:28 GMT
server
cloudflare
age
38925
etag
W/"655b41ec-a1eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
82a21cc3eba44c4f-MXP
expires
Wed, 22 Nov 2023 16:23:59 GMT
adRecover.js
delivery.adrecover.com/43519/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
47e9772aade5d92d4b7a1145b1fbe499977b4b49af1725b8f5e3a71f6e8e1425

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 22 Nov 2023 16:12:44 GMT
date
Wed, 22 Nov 2023 15:11:37 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Wed, 22 Nov 2023 07:59:23 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
adpushup.js
cdn.adpushup.com/42753/ 		765 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0d0155de7b1d4012a00c48fcd91fe45f72aab122a4500aef7c2397f703e917fb

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 22 Nov 2023 16:12:44 GMT
date
Wed, 22 Nov 2023 15:11:37 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Wed, 22 Nov 2023 11:37:16 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		683 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97fc3c5f72f39cbc5fd7a2fc73239291c84622ce10d8453f625d09298a15d0c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NxnGs2r9sR5X3KOzCM6zAQBWkU2QxQCt
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:44 GMT
x-amz-request-id
SEEVP6JY7TJYDSGY
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-amz-replication-status
FAILED
content-length
56769
x-amz-id-2
4O1LTK6m8HCa/fxgmk3Wr+neVUeoc6Q+TPT3DF2Lu0p5oKunkxB+eZLuvuMZGxt0S2UCTTOAtxA=
x-served-by
cache-mxp6954-MXP
last-modified
Tue, 21 Nov 2023 11:52:26 GMT
server
AmazonS3
x-timer
S1700665964.146796,VS0,VE716
etag
"e11ad614e3cd224ccb276fb7bcc27b9a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
73
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13571
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVJwlUnyoo1XUnDNfIqXpGGzPD9OxGHvOUM3zfDbt7G003UrP89JO%2BG7hRkNhg8rIOZaDYsK1r%2B865YvrGiQvXzxoUsadYJfrUbJLU%2FtbVVXSuxqbiw78uSGrRKK4C2Rj3wDaZ5LBmWsyE6mHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
82a21cc6c9703746-MXP

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
t.php
c.statcounter.com/ 		192 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=4FA4C20E58194FA5737B1A010776FAE5&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&t=%E7%BE%8E%E5%AA%92%EF%BC%9A%E4%B8%AD%E5%9C%8B%E5%9C%A8%E8%A5%BF%E8%97%8F%E4%BF%AE%E5%BB%BA%E6%96%B0%E9%98%B2%E7%A9%BA%E9%99%A3%E5%9C%B0%EF%BC%8C%E7%B4%85%E6%97%97-9%E5%B0%8E%E5%BD%88%E5%8F%AF%E8%83%BD%E9%80%B2%E9%A7%90%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2838&sc_rum_e_e=2850&sc_rum_f_s=0&sc_rum_f_e=2835&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
82a21cc45c0a4c4f-MXP
expires
Mon, 26 Jul 1997 05:00:00 GMT
3f317eb08b28f41671be27b519974d49.jpg
static.bg3.co/imgs/202105/ 		0
0
882d694ca77bedb62bd5baffe8f87126.jpg
static.bg3.co/imgs/202105/ 		0
0
ca59f2474968258dbb833d42d66214ab.jpg
static.bg3.co/imgs/202105/ 		0
0
76e78cfaef4d839fb70bd5d6917c9f9b.jpg
static.bg3.co/imgs/202107/ 		0
0
7b85be626426a7a798b85d28dcb49805.jpg
static.bg3.co/imgs/202309/ 		0
0
ccdcad97ee99935ccc8bceef825cdad3.jpg
static.bg3.co/imgs/202105/ 		0
0
059d8fef1b78c78a136ceadd57d61473.jpg
static.bg3.co/imgs/202309/ 		0
0
a55dbfe47a5a5b6f551ea27f649d1b61.jpg
static.bg3.co/imgs/202105/ 		0
0
a84ba95ef6ce5fd3c0071709ed98304d.jpg
static.bg3.co/imgs/202107/ 		0
0
62ddbcf18b5c2041abd09e3a3c08fe57.jpg
static.bg3.co/imgs/202105/ 		0
0
d483e69449c038066b9b402079f5f782.jpg
static.bg3.co/imgs/202105/ 		0
0
fea45555085819d0e8371ad205195c99.jpg
static.bg3.co/imgs/202105/ 		0
0
22b28090727ae61af38881d587c21b88.jpg
static.bg3.co/imgs/202105/ 		0
0
ed7669c7bbf4bc3a8ba906ab252c7030.jpg
static.bg3.co/imgs/202105/ 		0
0
48e0ed76597a738b4dd55809b0ca55f8.jpg
static.bg3.co/imgs/202105/ 		0
0
7c7dbeab3ed11609b54be6391a05ef86.jpg
static.bg3.co/imgs/202105/ 		0
0
b13539d1dac1f03b8b77c54d195b63ea.jpg
static.bg3.co/imgs/202107/ 		0
0
12da108d534571072f0d684d40060af0.jpg
static.bg3.co/imgs/202105/ 		0
0
68eda146d3915c0f82331bb2183eee8d.jpg
static.bg3.co/imgs/202105/ 		0
0
afb4d52106890df09cef4494c0828761.jpg
static.bg3.co/imgs/202106/ 		0
0
e15b747b89dfaecf8806ef1d3b59cf55.jpg
static.bg3.co/imgs/202106/ 		0
0
811b14e5d37a2918a118331b966ecf84.jpg
static.bg3.co/imgs/202106/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 19:10:15 GMT
age
417749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"ebb1be4e47c7faed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 19:10:15 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 18 Nov 2023 09:04:44 GMT
age
367680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"3c281510b2fc8bce"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Nov 2024 09:04:44 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
57080
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 20 Nov 2024 23:21:24 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b81v9102959953&_p=1700665964093&gcd=11l1l1l1l1&dma=0&cid=1436726785.1700665964&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700665964&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&dt=%E7%BE%8E%E5%AA%92%EF%BC%9A%E4%B8%AD%E5%9C%8B%E5%9C%A8%E8%A5%BF%E8%97%8F%E4%BF%AE%E5%BB%BA%E6%96%B0%E9%98%B2%E7%A9%BA%E9%99%A3%E5%9C%B0%EF%BC%8C%E7%B4%85%E6%97%97-9%E5%B0%8E%E5%BD%88%E5%8F%AF%E8%83%BD%E9%80%B2%E9%A7%90%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3045
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=433523894187752&correlator=4371225395878403&eid=31078987%2C31079674%2C31079658%2C31079525&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700665964468&lmt=1700665964&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1436726785.1700665964&ga_sid=1700665964&ga_hid=1788826350&ga_fc=true&dlt=1700665964069&idt=360&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ffd5e8712a5a14280558ed2a1de9b9a6983b21155b53c83b6c2d7fb99e5093d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12999
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 02AD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:44 GMT
expires
Thu, 21 Nov 2024 15:12:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D56B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9O7lC9BFahUqJbj4b21U-KwenMfQZc32jnkuN_4_DEN2L2NquC5sIyJsyxhCjR0q2YtU_YKulkhDBuIRiy6Gf86tyZADgFnTGE8PQgwrnxD8tvIxC-cvZEhuNJBppRx5euK6zYYWVu88m0MM2dMGgZq6q2KDs35N1xqZGEXbZxtJmdxp5jXoKn_jrV_NMvoR10fAePW8BKAdzY6Z3foSGL-6Qw6zr5NQHEaIu-q2r0niTOfUMismmBLnaEYPpXEYSYWNswMMUWdPXQfd80RemflR7CTi7s-zGGvjMIea7cbRWSnVPIqpwMKY4IhtbMXaDow&sai=AMfl-YS0gxlTS3bZvM_1B80EkKiqtt1Ap5F1nc6y3QxPhpE3rfcMl02rIj2-wzg-KTbr0D9vWEQzfFweMSgJvFXisggTr_drGUBpezjEoaGuiWPY2CEi9P_mjGdwDtk07a4bUvOatSu2gV7i1YScq-bjIqK79j7Dge3wkvY96g&sig=Cg0ArKJSzExvJPgyd8FoEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Nov 2023 15:12:44 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:10:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6555dc90-66a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 22 Nov 2023 16:12:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D56B 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:44 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1609
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paKM5PUUULe5gIYOqS5wxjVUF9lPazczpfCmnXg7hRA2Q92UUY5w3rMzABUzRECnWnL2vGH0I5Alb61wDbp9yKjG%2BVmcfkxsDijl%2BM0PRf8lKwAitM81GHV599y%2FWZX%2BfXC9H5uKTWW3LpDtkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
82a21cc709a73746-MXP
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
14b8258a61e9708810dc58cd90b99b01dbb5e33b3b1317b285d165eeaff6c7e2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5933524030377106&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 15:12:45 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5865334
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-mxp6967-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700665965.720824,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
49, 6734
impress
ad.vidverto.io/delivery/ 		60 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&referrer=&async=1&uid=9901846812&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
191d73e98d346c827c58080c9a8b16b26ee62079a1c295857ace70caefd54c87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
block.jpg
delivery.adrecover.com/ 		631 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1700665964762
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3340) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 21 Nov 2024 15:12:44 GMT
date
Wed, 22 Nov 2023 15:12:44 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (muc/3340)
age
8395629
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
feedback
feedback.adrecover.com/ARWebService/ 		70 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feedback.adrecover.com/ARWebService/feedback?ts=1700665964794&adBlockedAA=false&packetId=00000001-c9f5d5e9-bc2d-4850-984b-4fcc4f4c5629&siteId=43519&pageGroup=POST_ADRECOVER&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&country=CH&platform=DESKTOP
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:44 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-robots-tag
noindex
content-length
70
expires
0
/
onetag-sys.com/usync/ Frame 0A8E 		2 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Wed, 22 Nov 2023 15:12:44 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 22 Nov 2023 16:12:44 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 22 Nov 2023 16:12:44 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=2bd4fe3fa78f92b3cbaeb5d437a30dd5
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
last-modified
Wed, 15 Nov 2023 11:21:43 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6554a9c7-161f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 22 Nov 2023 16:12:44 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 15:40:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65427166-20687"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 22 Nov 2023 16:12:44 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 22 Nov 2023 16:12:44 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=a6b86ef7-66b6-4871-a09a-6977d2ca2d0f&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=a6b86ef7-66b6-4871-a09a-6977d2ca2d0f&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=a6b86ef7-66b6-4871-a09a-6977d2ca2d0f&p_id=23
date
Wed, 22 Nov 2023 15:12:44 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=672f6401-02e3-407e-88ae-702c014f8658&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=672f6401-02e3-407e-88ae-702c014f8658&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=be21788f-c6ba-5246-9631-e2cff36ff8a2&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=8c20d9cb-95ce-4da4-ad0c-e0ef93420e05&p_id=15
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=8c20d9cb-95ce-4da4-ad0c-e0ef93420e05&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
185.180.223.67 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-67.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=8c20d9cb-95ce-4da4-ad0c-e0ef93420e05&p_id=15
date
Wed, 22 Nov 2023 15:12:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Wed, 29 Nov 2023 15:12:44 GMT
truncated
/ Frame D56B 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c34330f716f2ba5ad3546335083d89c6e3d5b5251baf0e1ec3d5f9a692ccd0bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D56B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaQ9-ktQ-AoJgkn5cUfw7387cKiFQ1P2ZAUvc0RFmYAQZ5HaIH3VsLtCF662Q4M6A0r0KJH_TQvkXESbZUeo49gmu6fm0UAtW7rTLbJ_G5L81kJyap0jptxS7sUUWYry1RU4bly3BNCv8v9-KZ7velFJ73jboniLPA1BA8oHstKH6FWMPmfs3xXZw99LWyivJpRXILy-Ma0yAqi7ZihK_HUa3EOlvGxZBgIAcSD63SCJXt08bunXmsxU4jdWewwUIwvCoqoDpZJ0OJJcpj2Pe_7WFl2ixQnXHsjZF2q6kTDIk5b1sKAWh1Td1PJKMDXMMRqk-9&sai=AMfl-YThrcXB75BHxxNCFibC8OMVYyIQKuVRGYxQGXWnB_aZ8iZsxzoYgzNaU2IN7LkRzm1t_PEdpKyWdz3Oyw2SgVnOb65TQ0v6JP7-I75K_iYNrPfaizUIewgdEye8AYwR8nalxPK9XJzqCs_T6h_rD2IL1qkD7ZBI7PEY7A&sig=Cg0ArKJSzO6f5HDjtEmPEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Nov 2023 15:12:44 GMT
impl.20231121-7-RELEASE.js
cdn.taboola.com/libtrc/ 		819 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ca0c978c9d8361a0509dad2dfac066d4a8968fc6a870bc893c4b5f40cff42419

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QKIcMi5s9DLOc2Mr2ogSwBz9vpmCO3GC
content-encoding
br
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:44 GMT
x-amz-request-id
P07SXCK3MCD3TP6R
age
15922
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173606
x-amz-id-2
V0smf8MM+0Sps3lWTW38HKxkvDwIwtS9tpjO+wL04u+03dxb24t/SYw590sWMtMEb0MKgDM8oIc=
x-served-by
cache-mxp6954-MXP
last-modified
Tue, 21 Nov 2023 10:47:22 GMT
server
AmazonS3-br
x-timer
S1700665965.981284,VS0,VE0
etag
"e14d5158d1e05939397417dd5bb9b1d9"
vary
Accept-Encoding
content-type
application/javascript
abp
38
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
35653
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
63348
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mxp6967-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700665965.026268,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
7, 19982
Q0hfREVTS1RPUA==.json
cdn.adpushup.com/fpe/42753/MAN_Data/ 		555 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/fpe/42753/MAN_Data/Q0hfREVTS1RPUA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 22 Nov 2023 16:12:45 GMT
date
Wed, 22 Nov 2023 15:11:38 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=3600
x-client-device
desktop
x-client-geo
CH
adxprebid.1.2.aspx
inv-nets.admixer.net/ 		0
261 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 22 Nov 2023 15:12:45 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
v1
prg.smartadserver.com/prebid/ 		0
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:44 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid-request
onetag-sys.com/ 		15 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
194256
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		44 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=16%3A12%3A45.124&lti=deflated&data=%7B%22id%22%3A524%2C%22ii%22%3A%22%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1700567542539%2C%22vi%22%3A1700665965120%2C%22cv%22%3A%2220231121-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html%22%2C%22vpi%22%3A%22%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3458%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2573.03125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e01bb94a9ec195fa3cbae4da56ff0e42ea44439c83a398f7c4cd42432519e569

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
495
date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.8972916666666667
x-fastly-to-nlb-rtt
83395
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6954-MXP
x-log-content-encoding
gzip
server
nginx
x-timer
S1700665965.141981,VS0,VE495
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BE14 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f66d59ff92c0971d1f27511dbed019307a1d66d799653c20001a715eb0f7f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10183
x-xss-protection
0
server
cafe
etag
6601296572619086483
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:45 GMT
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/ 		437 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/331F) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
br
age
1356451
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (muc/331F)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 15:12:45 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/330F) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
br
age
8928232
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (muc/330F)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 15:12:45 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:6857:abc2:e420:ab40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3370) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
br
age
5998308
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (muc/3370)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 15:12:45 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDA2NjU5NjUyMjYsInBhY2tldElkIjoiMDAwMEE3MDEtYTEzZThhMDgtYzUwNi00Nzk2LWJhMWUtOGE2ZTUwNGUwMDdkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21laS1tZWktemhvbmctZ3VvLXphaS14aS1jYW5nLXhpdS1qaWFuLXhpbi1mYW5nLWtvbmctemhlbi1kaS1ob25nLXFpLTlkYW8tZGFuLWtlLW5lbmctamluLXpodS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJDSCJ9&c_b=3883.7999954223633
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
bulk-metrics
trc-events.taboola.com/palmate-bg3co/log/3/ 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame BEB4 		714 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
7453
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
82a21ccbebc3ba8b-MXP
content-encoding
br
content-type
text/html
date
Wed, 22 Nov 2023 15:12:45 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrTHFPt9G3Cca3ySDxuZiJChThMgT2jI6Q7LjeLBrhcc0Ve37cgooz8box7i67e5TyGGIu9mFKV15hZw7PgrAXIN9It4%2F%2FMK3kv93YWXSEZah2Xm0x5nb9fgoKyy5mxxxCRt5m2XNkOkvFg5IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6131
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Nov 2023 15:12:45 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 22 Nov 2023 15:12:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
connection
close
content-length
35
content-type
image/gif
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA2NjU5NjUzMTcsInBhY2tldElkIjoiMDAwMEE3MDEtYTEzZThhMDgtYzUwNi00Nzk2LWJhMWUtOGE2ZTUwNGUwMDdkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21laS1tZWktemhvbmctZ3VvLXphaS14aS1jYW5nLXhpdS1qaWFuLXhpbi1mYW5nLWtvbmctemhlbi1kaS1ob25nLXFpLTlkYW8tZGFuLWtlLW5lbmctamluLXpodS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3974.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA2NjU5NjUzMjQsInBhY2tldElkIjoiMDAwMEE3MDEtYTEzZThhMDgtYzUwNi00Nzk2LWJhMWUtOGE2ZTUwNGUwMDdkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21laS1tZWktemhvbmctZ3VvLXphaS14aS1jYW5nLXhpdS1qaWFuLXhpbi1mYW5nLWtvbmctemhlbi1kaS1ob25nLXFpLTlkYW8tZGFuLWtlLW5lbmctamluLXpodS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3981.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDA2NjU5NjUzMjgsInBhY2tldElkIjoiMDAwMEE3MDEtYTEzZThhMDgtYzUwNi00Nzk2LWJhMWUtOGE2ZTUwNGUwMDdkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21laS1tZWktemhvbmctZ3VvLXphaS14aS1jYW5nLXhpdS1qaWFuLXhpbi1mYW5nLWtvbmctemhlbi1kaS1ob25nLXFpLTlkYW8tZGFuLWtlLW5lbmctamluLXpodS5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlY3Rpb25OYW1lIjoiQVBfSV9EXzMzNlgyODBfODYxZTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzMzNlgyODBfODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VydmljZXMiOls1XSwiYWRVbml0VHlwZSI6OH1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3984.699996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=433523894187752&correlator=2417884612303158&eid=31078987%2C31079674%2C31079658%2C31079525&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&arp=1&abxe=1&dt=1700665965336&lmt=1700665965&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1436726785.1700665964&ga_sid=1700665964&ga_hid=1788826350&ga_fc=true&dlt=1700665964069&idt=360&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_7_1_pv%26cluster_reporting%3Dchrome_DESKTOP_7_1_active_1_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_5%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_5%26faid%3Dfalse%26adro%3Dv8_e&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97f9e0e84e1454040a5ece9adc201ef8b693d8b805c5e7a4627f6a8bacff400a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16287
x-xss-protection
0
google-lineitem-id
6393702623
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449822902
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl_page_level_ads.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 17:37:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
77695
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13740
x-xss-protection
0
server
cafe
etag
13319621592303420164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 20 Nov 2024 17:37:50 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame BE14 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f37bec895692dba801be7539329c65a9bcadb9b74c2b68d86a30f3bbf7166b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52816
x-xss-protection
0
server
cafe
etag
904068029696980174
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:45 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDA2NjU5NjUzMTcsInBhY2tldElkIjoiMDAwMEE3MDEtYTEzZThhMDgtYzUwNi00Nzk2LWJhMWUtOGE2ZTUwNGUwMDdkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21laS1tZWktemhvbmctZ3VvLXphaS14aS1jYW5nLXhpdS1qaWFuLXhpbi1mYW5nLWtvbmctemhlbi1kaS1ob25nLXFpLTlkYW8tZGFuLWtlLW5lbmctamluLXpodS5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4004.7999954223633
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 29 Nov 2023 15:12:45 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231122
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f1048bf97e0daf6b9eba804c11f6d2ee6736726c3b8a5c4c3c42063383cf56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
40311
x-jsd-version
1.0.1881
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-mrs10546-MRS
x-jsd-version-type
version
server
cloudflare
etag
W/"643-7vZcYomrQmvX1we42OIbnEkre24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZkpSo%2FC%2F092y589WHfsX4y6mYmGwSlrbEG8aXA9R47jG%2B%2F9mqyZY7MnYXFhXZM4MNiciCHeexFcLbeFRrtDxZaYXF9eMCyNSUMnCySJIHAanaFe71muFdTEso%2B%2FrZcbbRiKizKWQuXy%2FhSiy%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82a21ccc1ffff0cb-CDG
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c036b6926ef16a07e0ddbcb269bc1de182d6ffc7f493261e2b53399a3bb896

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw5eXYL0oh4NYCW%2BDQaRu9rEktEnUq9kGKCwGte%2FXgX8qhGN8cRde2EX1HtpWWZIAIfU9zFsZPugCXXDTNr4%2FYT6Q37CoKKB68TxIUGXv7tAAwBTV%2Bls7bxsKltbRl9Od1quH823"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82a21ccc4e0e0208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c036b6926ef16a07e0ddbcb269bc1de182d6ffc7f493261e2b53399a3bb896

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmQETUjxtEMpUtJnfv1BdnJHPOrDXe%2F8FmGVpQk9G6yNHSHzJdY7CE%2BL%2F7240j4o%2BUnYYsWEMHMiigJya0YwdvaihBmIsEWMRrW2Ida1EAIahANb8Dv2uZMXOOZsMKzAvoewWzLj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82a21ccc4e100208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c036b6926ef16a07e0ddbcb269bc1de182d6ffc7f493261e2b53399a3bb896

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FtrD9raAKLqsqhP%2Fcyx2BstY05DnTaiN9pv0GZL0NbR1cJNrK%2BX7MAGBkC92LsbZPDqd1%2FXFWvDAcLTpywJdH4LLWzcaUV4lRaGI25Y0mu6RUmk7iHGOzExCWQw3Ops9h50d9U0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82a21ccc4e140208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
d95a208d385f15472a3f84befa681ba3d1454cb099c5d9617067a65d9f2dd49b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
76
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Nov 2023 15:12:45 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
an-x-request-uuid
bec00204-d149-4b4f-9e15-6fe793784140
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.10.106.5; 176.10.106.5; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.219.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-219-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a4d86b492c5fb931a5691fd786d45f68f9dd225fa1fd07823479cfb50199d3dc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 22 Nov 2023 15:12:45 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
prebid-request
onetag-sys.com/ 		15 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
bid-request
a.teads.tv/hb/ 		16 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 22 Nov 2023 15:12:45 GMT
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.214.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-214-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=62174007278&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 22 Nov 2023 15:12:45 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b4a1067de2116941c535478c84ca83c697006ae3eb04f880a0129ef4f4ac5924

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		500 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=727ba0df-bd3d-4c04-ab31-97569b300888%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E7%BE%8E%E5%AA%92%EF%BC%9A%E4%B8%AD%E5%9C%8B%E5%9C%A8%E8%A5%BF%E8%97%8F%E4%BF%AE%E5%BB%BA%E6%96%B0%E9%98%B2%E7%A9%BA%E9%99%A3%E5%9C%B0%EF%BC%8C%E7%B4%85%E6%97%97-9%E5%B0%8E%E5%BD%88%E5%8F%AF%E8%83%BD%E9%80%B2%E9%A7%90&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=e4b99d70-c1f4-495d-bf75-a62929f8525b%3B4578e942-e617-4588-ae9f-f2d9661df3ca&l_pb_bid_id=538782b6f2b91f%3B54c11a779548a9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e4b99d70-c1f4-495d-bf75-a62929f8525b%3B4578e942-e617-4588-ae9f-f2d9661df3ca&rp_maxbids=1&slots=2&rand=0.30771646143630726
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
10c1ba4154f66d4b0e41ec6ec566f81a784a79407dca9540fd2ff22ba3d6545a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82a21ccc9fd10e4b-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82a21ccc9fcf0e4b-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
adreq
ads.servenobid.com/ 		592 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=958
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
698e10cb5b2f613e3f71779e20d522ad5475e400483f0c6848038b7879fe03d5

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 22 Nov 2023 15:12:45 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
server
envoy
vary
origin, Accept-Encoding
prebidjs
rtb.openx.net/openrtbb/ 		53 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
66672574adc0ead1853e948f5c1da0b36d0e19e922115e98dc474c9497023a4c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
66672574adc0ead1853e948f5c1da0b36d0e19e922115e98dc474c9497023a4c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
66672574adc0ead1853e948f5c1da0b36d0e19e922115e98dc474c9497023a4c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.171.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-171-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
19
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BEB4 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68001ca8bbc5c44c62345c01013eaca6eebf00968bd55df5614287fc6c1bc5d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
server
cafe
etag
365 / 19683 / 31079694 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:45 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame BE14 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
348dad726d7573e10b2ac7ec19cb8b4beb567efd334c27cddaa973fb519431c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138497
x-xss-protection
0
server
cafe
etag
7360419147461310568
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:45 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 4092 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
62125
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 21:57:20 GMT
etag
16674218716276178799
expires
Tue, 05 Dec 2023 21:57:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:09:34 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
192
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
9wh3LKehqJ9mmYOLKH4gGHm4x4Q9OtfPf7PZwjiGUa5hzKjOidVHdw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ Frame BEB4 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 15:28:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
85430
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 20 Nov 2024 15:28:55 GMT
pixel;r=1469948444;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html;uh=e51ed67dfb8d91dc24...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1469948444;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1103084480-1700665965548;pbc=727ba0df-bd3d-4c04-ab31-97569b300888;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1700665965658;tzo=-60;ogl=;ses=3dbee77a-2a50-4881-8314-dd17127ee873;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6131 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c84074baff8c27ab00dd84e9fdf57f94ca82c0fce2ad492c8302bb1ca109953d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 15:12:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Nov 2023 23:36:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30203
Connection
keep-alive
Content-Length
13230
Expires
Wed, 22 Nov 2023 23:36:08 GMT
floating-unit.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6934568e6bc9d234b42c8b4cd6d329fb08a931be05057ad22411c8ffe9dbd68

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PDSIbQTLI2Qs8sCJu3DXjx6cVvRFI2uB
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:45 GMT
x-amz-request-id
FP98XT09FQZQWYHZ
age
12641
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2492
x-amz-id-2
eZXSWzTEZ095FM6KOfg2Hf+rhSr7uUoe5h/N1/rhZnKHc1+skGPxh3i+4K7cjCGpflTnl6Uj+so=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 22 Nov 2023 11:42:04 GMT
server
AmazonS3
x-timer
S1700665966.695597,VS0,VE0
etag
"dd49e1ad31f717ebb9986bb2ee0f9941"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
79
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1241
taboola-vignette-new-scanning.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e0520615c91ba524f0ba6daa5113feec9cb2b883fa19313fb9d9eef6a9195bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iOa2xJswWQOi_.PSa.wPS9_IinUYMGFa
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:45 GMT
x-amz-request-id
8TBZ68217EAA0PF7
age
12617
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
u3VtmbYKz3H0yHhyMxzcDHWo1VTb9xFb4v9dy1jZPUmhydpENm9172xI/EowEsL45B76nVNGN8o=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 22 Nov 2023 11:42:28 GMT
server
AmazonS3
x-timer
S1700665966.695580,VS0,VE0
etag
"931da4ecdce74822f54bfca0e2dc42df"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
9
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
697
distance-from-article.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d523aae1d54605fc3dabf35448e4e4892eaefacaa33f086943d8b9aedd9c9f36

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VUNySeRZoo_G_IkRHyPbA2J1GWj8uf2O
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:45 GMT
x-amz-request-id
P089X8K7163ATYT6
age
12657
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
DFuNMqzVULu7qEYsRyyO1ZhMfwm8iR+VgG/NhGmRnUEUNeeIrLQXrNyzGqHg8bXdhDBjm1Okzxo=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 22 Nov 2023 11:41:48 GMT
server
AmazonS3
x-timer
S1700665966.718558,VS0,VE0
etag
"3156426a0edaa42aa2bf567f4a5c596f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
19037
article-detection.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebecabde36c90a8dd9a2f347e1e633087b143ba28dcacdf58528da0b26cb5791

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2I1kn3jVLr9JdAH6q.GGYa0xyWcAOZLL
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:45 GMT
x-amz-request-id
XRX188BG9HN16K6R
age
12667
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
X1NeXi/LYRuQaHkj0K8sO5O4BIdCEDBkcpjVo7g41O71uoyxEozHY/gvwdqjiQpVofiwZOvv020=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 22 Nov 2023 11:41:38 GMT
server
AmazonS3
x-timer
S1700665966.718834,VS0,VE0
etag
"36b721518a3b258033d725e6c90d0fd9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
60
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
19036
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/1.4.0/ 		80 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/1.4.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e2297899242fa4c800ff7320c93d3cd0bbb89770cf0a1d5614b0f183c94dc70

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 5475b042e714039f4c19ccee86e34aa2.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP63-P3
age
328060
x-cache
Hit from cloudfront, HIT
content-length
23966
x-served-by
cache-mxp6945-MXP
last-modified
Tue, 31 Mar 2020 13:14:35 GMT
server
AmazonS3
x-timer
S1700665966.764802,VS0,VE0
etag
"9284c0ece401137f8f576e2e3ba9e6c1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
6BfEpGrSeqAu8OqBPf1u1yXHOMhO_X6bCLWfSV_b84eVEwl_BuBajA==
x-cache-hits
3492
feed-card-placeholder.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e996a0721e504efb3a2614ffebf96811dc56a2cb84a585ae495d146f8e43035c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
WX751I9f.e2ZcIK4Rn3YkLAajqvc6qM_
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:45 GMT
x-amz-request-id
J3ZX345JS6JBW4FG
age
12649
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1261
x-amz-id-2
IEYb/ywO6oxH4Cq+pk2gEypPwMwE55T7hvNXjPTfTWLs9Qvh02yGouhXorpolSYdrJdEWH1d2dk=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 22 Nov 2023 11:41:57 GMT
server
AmazonS3
x-timer
S1700665966.718814,VS0,VE0
etag
"9c15de28849e65a17e95bb39ea85ea2b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
32
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
19652
userx.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9426567f042fca32ee04034ef8c83cf73aa1f698f8bf465a72671de0ecaaad74

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RxRMbH9S9NiszpcL4leWiKH6iH.0nkhp
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:45 GMT
x-amz-request-id
JH67YBBY0QBB1DCX
age
12614
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5396
x-amz-id-2
iF5LD/L52EWMJEO6F0ij+DeKnX/YD+5X3a7f+jqy8ngwYyC+h/utHBuwvUcQbpAqgXCjGT+7U5g=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 22 Nov 2023 11:42:32 GMT
server
AmazonS3
x-timer
S1700665966.721711,VS0,VE0
etag
"e04922542f64625b1a6e8ed0a5a5d7b1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
26
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3577
explore-more.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70239190370dc8b6eac2cd2352b203507ab0c0ca1aad58a6a3d686b2cdfd08bf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.KGsCcUDY8ZxRij1HRyYvMDBLbvt450B
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:45 GMT
x-amz-request-id
7XMH50E49MYBFD6V
age
12651
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
mEoX3aoSyfDtOvH3zKPrcvn1eICMfdsrVngfnRGRPawGGrDROvC1EHpxtHnKQXpsq3vkmx1mvO8=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 22 Nov 2023 11:41:54 GMT
server
AmazonS3
x-timer
S1700665966.731953,VS0,VE0
etag
"cbe598f6658248d28d1a1f7ffe8c5bfb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
38
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11399
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=16%3A12%3A45.685&id=5343&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1700665965686%7D&tim=16%3A12%3A45.686&id=7028&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700665965699%7D&tim=16%3A12%3A45.699&id=4926&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A12%3A45.724&id=554&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubs-generic
trc.taboola.com/palmate-bg3co/log/3/ 		0
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/pubs-generic?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1700665965725%7D&tim=16%3A12%3A45.725&id=8681&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
86
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
83262
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6954-MXP
pragma
no-cache
server
nginx
x-timer
S1700665966.755475,VS0,VE86
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A12%3A45.725&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=2315&cv=20231121-7-RELEASE&lt=deflated&pcs=%5Bdata-feed-main-container-id%3D%22tbl-explore-more-container%22%5D&vi=1700665965120
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63754
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A12%3A45.727&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=1454&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63789
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A12%3A45.728&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=9095&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63789
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A12%3A45.733&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=1284&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63789
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A12%3A45.734&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2550&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63789
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A12%3A45.741&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=1399&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
63789
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:45 GMT
x-amz-request-id
2BXJKKX2RZV89N9D
age
38
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
WyL2v7Y6tMjGZIwQzTqLEakrV0fvos6RjsnPZZi2oiW+JmOnNuMfVUBcREdsw9/uoKeZa4qMe/Y=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700665966.760595,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
6
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
19
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=10143&tvi50=13623&route=AM%3AIL%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
d487e454b6e8c2bdd00ae3e285662fb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
046f02b6ce202212418290b200a1edbd029a4f55802aeab80a2037a2bc06cbcb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
age
3207262
edge-cache-tag
574752983566478366042810641110588364102,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
574752983566478366042810641110588364102,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
458
expiration
expiry-date="Wed, 08 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazeteduvar.com.tr/
content-length
36522
x-backend-name
US_nlb105
x-served-by
cache-iad-kjyo7100034-IAD, cache-iad-kjyo7100034-IAD, cache-lga21983-LGA, cache-iad-kjyo7100059-IAD, cache-mxp6954-MXP
last-modified
Sun, 08 Oct 2023 10:55:10 GMT
server
nginx
surrogate-reporting
width=1066,height=800,bytes=66131,owidth=1200,oheight=800,obytes=384488
x-timer
S1700665966.796033,VS0,VE1
etag
"813a23ae8098ea620bd5349247db97ba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 35, 1, 0, 1
d487e454b6e8c2bdd00ae3e285662fb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bbcd3fb98bc87042eb6030f983044304226f0dd7d1e0fe85ffe60c22bd77f868

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
11
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
age
2972091
edge-cache-tag
574752983566478366042810641110588364102,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
574752983566478366042810641110588364102,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
257
expiration
expiry-date="Thu, 26 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.today.com/
content-length
18780
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200059-IAD, cache-iad-kcgs7200059-IAD, cache-ewr18122-EWR, cache-iad-kiad7000027-IAD, cache-mxp6954-MXP
last-modified
Mon, 25 Sep 2023 19:51:58 GMT
server
nginx
surrogate-reporting
width=1200,height=600,bytes=62441,owidth=1200,oheight=800,obytes=384488
x-timer
S1700665966.796016,VS0,VE11
etag
"5a8a7e1973dd6942cc83dd2690932151"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 15, 1, 40, 1
4e8d590f69ba3de17fd0fd39dcfebedf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4e8d590f69ba3de17fd0fd39dcfebedf.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ef532d9520146357b2bfa7199faac6568619fd8ab1eb06fa88e8a14f0fa529c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4e8d590f69ba3de17fd0fd39dcfebedf.png
age
1717949
edge-cache-tag
471243338919322031678467830303336845259,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
471243338919322031678467830303336845259,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
186
expiration
expiry-date="Sat, 04 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.polizei-schweiz.ch/
content-length
13026
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200037-IAD, cache-iad-kcgs7200037-IAD, cache-lga21982-LGA, cache-iad-kcgs7200085-IAD, cache-mxp6954-MXP
last-modified
Wed, 04 Oct 2023 13:43:57 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=18996,owidth=1280,oheight=812,obytes=1083488
x-timer
S1700665966.795970,VS0,VE1
etag
"73dd3537b61911a8e89a94fd6380a11f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 3, 1
bdc96404eba85fd374584ceed5e0d9cf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bdc96404eba85fd374584ceed5e0d9cf.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bdb27133aa0eb38f1c8b281ca86fc0be9c149ba73d047045da80b9344bb07972

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bdc96404eba85fd374584ceed5e0d9cf.png
age
4356591
edge-cache-tag
366550682837043004145125579800052646069,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
366550682837043004145125579800052646069,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
105
req-referer
https://bon-a-savoir.net/
content-length
19776
x-request-id
d08e9b3a50e1210a29df68f97d37e3ed
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100060-IAD, cache-iad-kiad7000063-IAD, cache-chi-kigq8000116-CHI, cache-iad-kjyo7100130-IAD, cache-mxp6954-MXP
last-modified
Wed, 13 Sep 2023 20:22:08 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=35912,owidth=1200,oheight=800,obytes=946838
x-timer
S1700665966.832120,VS0,VE1
etag
"968eedb115307c944a83dda254c99dcd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 218, 1
a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0622ea9d23e60693346c14c77de2df2333e9b36babadccbc0d3a0d889d29b2e7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age
2418427
edge-cache-tag
603464470960477801790457014709346231010,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
603464470960477801790457014709346231010,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
367
expiration
expiry-date="Wed, 01 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.koreadaily.com/
content-length
102174
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200100-IAD, cache-iad-kcgs7200100-IAD, cache-lax-kwhp1940092-LAX, cache-iad-kjyo7100045-IAD, cache-mxp6954-MXP
last-modified
Sun, 01 Oct 2023 16:30:09 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=111065,owidth=1000,oheight=600,obytes=1177283
x-timer
S1700665966.832057,VS0,VE3
etag
"840ce58ffaa05ebca0e31a1bcca3bbae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 157, 1
5f94af6b469f063375110ffc2fe4ca50.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f94af6b469f063375110ffc2fe4ca50.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
69a37b579f17bd6f27553b82cd5f69480f38c95a09e8f2e31a36c1c76df7c449

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5f94af6b469f063375110ffc2fe4ca50.jpg
age
2441457
edge-cache-tag
547240386956983872117571022234325078955,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
547240386956983872117571022234325078955,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
86
expiration
expiry-date="Thu, 09 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
28278
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000031-IAD, cache-iad-kjyo7100034-IAD, cache-iad-kjyo7100122-IAD, cache-mxp6954-MXP
last-modified
Mon, 09 Oct 2023 10:38:15 GMT
server
nginx
surrogate-reporting
width=951,height=528,bytes=75516,owidth=951,oheight=640,obytes=162966
x-timer
S1700665966.832043,VS0,VE1
etag
"f48fdab5252fff4a1ab52b211361583e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 8, 1
73d87dc162097a1014d4779bca27a84c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/73d87dc162097a1014d4779bca27a84c.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45e2a68049a536ad17b94cd761052e7ebcf5e4184240bf6a6748e741c6193bbb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/73d87dc162097a1014d4779bca27a84c.png
age
2976575
edge-cache-tag
487595812969072387963879303601114682959,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
487595812969072387963879303601114682959,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
227
expiration
expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://wpolityce.pl/
content-length
24452
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200062-IAD, cache-iad-kcgs7200062-IAD, cache-lga21936-LGA, cache-iad-kjyo7100109-IAD, cache-mxp6954-MXP
last-modified
Mon, 02 Oct 2023 17:59:47 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=92743,owidth=1000,oheight=600,obytes=1106632
x-timer
S1700665966.860470,VS0,VE1
etag
"624571aa8aaaf1406e2023ec7e99c45e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 13, 1, 346, 1
d487e454b6e8c2bdd00ae3e285662fb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f434e78722abbbd9df23f9f3864cd2ecf3ae2ae92062e75452b17f4363c9ca72

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
age
3539701
edge-cache-tag
574752983566478366042810641110588364102,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
574752983566478366042810641110588364102,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
220
expiration
expiry-date="Sun, 29 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.carscoops.com/
content-length
19736
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200053-IAD, cache-iad-kiad7000078-IAD, cache-lga21946-LGA, cache-iad-kcgs7200126-IAD, cache-mxp6954-MXP
last-modified
Thu, 28 Sep 2023 19:41:07 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=66154,owidth=1200,oheight=800,obytes=384488
x-timer
S1700665966.860631,VS0,VE2
etag
"bd2ca7a2667f0d579b4ea35c25f09e8d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 11, 1, 3, 1
a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b490332083f0ca30d85d11966700da995d94b792e5ff404380137abd9cebf0b7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age
3128464
edge-cache-tag
603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
324
expiration
expiry-date="Mon, 25 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.iranherald.com/
content-length
118158
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000162-IAD, cache-iad-kiad7000162-IAD, cache-sna10731-LGB, cache-iad-kiad7000032-IAD, cache-mxp6954-MXP
last-modified
Fri, 25 Aug 2023 17:08:17 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=600,obytes=1177283
x-timer
S1700665966.868840,VS0,VE1
etag
"0ec732c9c56a789a455588321467fe27"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 29, 1, 330, 1
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9tZWktbWVpLXpob25nLWd1by16YWkteGktY2FuZy14aXUtamlhbi14aW4tZmFuZy1rb25nLXpoZW4tZGktaG9uZy1xaS05ZGFvLWRhbi1rZS1uZW5nLWppbi16aHUuaHRtbCIsInNpdGVEb21haW4iOiJodHRwczovL2JnMy5jby8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJwYWNrZXRJZCI6IjAwMDBBNzAxLWExM2U4YTA4LWM1MDYtNDc5Ni1iYTFlLThhNmU1MDRlMDA3ZCIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiJjMjcyMjQ4ZS0xOGYwLTRlMGYtYWYxZC1lNDIzOWQwYjM4YWUiLCJ0aW1lT2ZBdWN0aW9uIjoxNzAwNjY1OTY1NDA1LCJiaWRzIjpbXSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXX0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiYzI3MjI0OGUtMThmMC00ZTBmLWFmMWQtZTQyMzlkMGIzOGFlIiwidGltZU9mQXVjdGlvbiI6MTcwMDY2NTk2NTQwNSwiYmlkcyI6W10sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl19XSwiY291bnRyeSI6IkNIIn0%3D&c_b=4448
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:45 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
4e8d590f69ba3de17fd0fd39dcfebedf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4e8d590f69ba3de17fd0fd39dcfebedf.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c4c06f9bd54092e80089fcbf8600bcc3ea55f3b099fd9ccef43cb14e5743b05

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4e8d590f69ba3de17fd0fd39dcfebedf.png
age
1928767
edge-cache-tag
471243338919322031678467830303336845259,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
471243338919322031678467830303336845259,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
351
expiration
expiry-date="Sun, 12 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.familie.de/
content-length
34132
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100110-IAD, cache-iad-kjyo7100110-IAD, cache-lax-kwhp1940105-LAX, cache-iad-kcgs7200126-IAD, cache-mxp6954-MXP
last-modified
Thu, 12 Oct 2023 07:39:07 GMT
server
nginx
surrogate-reporting
width=1280,height=710,bytes=72573,owidth=1280,oheight=812,obytes=1083488
x-timer
S1700665966.868819,VS0,VE2
etag
"525aa124318f28a7f53e2116e5c5774f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 2, 1
bdc96404eba85fd374584ceed5e0d9cf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bdc96404eba85fd374584ceed5e0d9cf.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60a9f7d56233350b59ab96745a2327de726eba4f80a77dd1bd203c3f9e5ef6ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 22 Nov 2023 15:12:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bdc96404eba85fd374584ceed5e0d9cf.png
age
3037968
edge-cache-tag
366550682837043004145125579800052646069,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
366550682837043004145125579800052646069,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
262
expiration
expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
42704
x-backend-name
US_nlb106
x-served-by
cache-iad-kjyo7100050-IAD, cache-iad-kjyo7100115-IAD, cache-iad-kjyo7100129-IAD, cache-mxp6954-MXP
last-modified
Wed, 20 Sep 2023 15:46:38 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=72866,owidth=1200,oheight=800,obytes=946838
x-timer
S1700665966.885377,VS0,VE1
etag
"5d92c05ea40550dabfe11ee496a1429b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 88, 1
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-1bee3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 22 Nov 2023 16:12:45 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame CCF0 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
362699
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 10:27:46 GMT
expires
Sun, 17 Nov 2024 10:27:46 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 15:12:45 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A37D 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 14:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 22 Nov 2023 15:55:28 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=BHC53wy07RDSjy2EtXyOl074xKjgVmbiiiMSa2vT1eeJ0m3LGhUOTRhHdvkmN2g3Q0mjOwdi0iJ9uOVHnphTGTEcpOB95%2B%2F2BMeSMI9CJSZePzTbwq0B0GfJxx5HXZbZMGj3Ig1MgZtDvnWK49fKFqXpCOiD%2FN%2Fmrxkp%2BrNfUhcwOem%2BIkw9tFL3oQAs3QmY6gGKHXsTrewDxBrktsA23fBYFdEXm8xBWRUzHGacisclbSEuFxZTwvYaNvQIFePL5mTCFMmGP2BgLEmZWO0Dx7tnaCxwnwMYrCXc3zNV9DUMuxxFvxHV5E3owDX%2BGQ4v12mQhpdDokEZ7vKeZIWuozaHPZqQkr736CebRB5Ve1aavlEBfNeteSd3Lb86OqejcGuhh7791dquUfzmBFKFdEfxqql8ovCm5A%2FPO%2FPuD4BGDk%2B4AA3Gtp%2FQc5Gkw4SOsjq5ogSmFGY2lIi7FkgI8cSEkvxaqtPNgRjg9nvSQz4wMnp%2FVvv5L%2B5%2FprYgH4TkssIrmB%2F3FspPlrLx1%2B51H7HbY%2B4GfoTCNKsNWletVaCGS0tQWYIXtnlp6yUemRgeyQKWljS6EGotSkbKf2sy8YGb9ZVZ3OjO8GT4UbZJOd44TB0h8dXbFgMZBSR6zPCkwB7c98m5bZxVQKOlhxaN0bBh3edigYSAdkQWaXxmBrjtmZNW0nheeUs2GMyNDYxQCkALIMvy4Pg9JIqMIsYK%2FLCjU56Fi2O6W9QaykqfC%2F3F7VfYwFCfk9j6TnSirZimN%2FKVfZbHpUZ2yEz5AqmD3g%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame 59BF 		109 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
38965
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 67AC 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Nov 2023 15:12:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 14:05:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Nov 2023 15:12:45 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 67AC 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 03:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
40392
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 03:59:33 GMT
khaos.json
token.rubiconproject.com/ Frame 6131 		7 B
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		39 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=433523894187752&correlator=920200375724935&eid=31078987%2C31079674%2C31079658%2C31079525&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&arp=1&abxe=1&dt=1700665965947&lmt=1700665965&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGskwDhyaefL-Uz6JP-xs9cW4xDp_X_pNFAYL9WiP9JhEDmtZ0N172uY4JX9_XZIWtnZNcxnl4UVWEbIcjgZNK5Y&ga_vid=1436726785.1700665964&ga_sid=1700665964&ga_hid=1788826350&ga_fc=true&dlt=1700665964069&idt=360&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_7_1%26cluster_reporting%3Dchrome_DESKTOP_7_1_active_1%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_5%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_5%26faid%3Dfalse%26adro%3Dv8_e&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16430
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=433523894187752&correlator=920200375724935&eid=31078987%2C31079674%2C31079658%2C31079525&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&arp=1&abxe=1&dt=1700665965951&lmt=1700665965&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGskwDhyaefL-Uz6JP-xs9cW4xDp_X_pNFAYL9WiP9JhEDmtZ0N172uY4JX9_XZIWtnZNcxnl4UVWEbIcjgZNK5Y&ga_vid=1436726785.1700665964&ga_sid=1700665964&ga_hid=1788826350&ga_fc=true&dlt=1700665964069&idt=360&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_7_1%26cluster_reporting%3Dchrome_DESKTOP_7_1_active_1%26ap_refresh_type%3DAV_3%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D1%26fp_engine_ran%3D1_5%26ap_fp_engine_type%3DmanualFloors%26ap_fp_engine_temp%3DmanualFloors_5%26faid%3Dfalse%26adro%3Dv8_e&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12909
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
480_650.mp4
cdn.vidverto.io/secured2/kJPSqs8xNULCHclbb1bjpA:1700669564/1327/video/1813/ 		244 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/kJPSqs8xNULCHclbb1bjpA:1700669564/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 22 Nov 2023 15:12:46 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
next-up-widget.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pj4jcRMOgEInhVJueqzdQGnJIyzV_Yos
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:46 GMT
x-amz-request-id
N8DWRJSD6YVSAYR2
age
12636
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
UjzNbRfB/4WsEUUGfdd4MFU5zUm6b03ppYAPk+v1Iw+n86TgRf8R5QXZZ/bgggyOT/YlU/DnXIc=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 22 Nov 2023 11:42:09 GMT
server
AmazonS3
x-timer
S1700665966.004991,VS0,VE0
etag
"c60c9f285ae332210a41e9959a3191d5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1194
ads
securepubads.g.doubleclick.net/gampad/ Frame BEB4 		492 B
262 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1101773278214056&correlator=1546261499052506&eid=31079660%2C31079667%2C31079672%2C31079234%2C31079694%2C21065724&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1700665966062&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=19jg7zi4jnm2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qPKXnYEZ-wz2tSEIit0O_vz_NEnOh9RMuMeyl_SqFCOxpP6eqTxQj3kGxbyV02tBo1Q6d1EHIQeEt4qDe0Xg_MChftkwVNvxjiStVJM7D6V6A45o6_8KM6-PfSkaNmmCrrnYt-UeRjyi_VjqTjDYw2aCpWCZNi5xAk2opmQTegxuTVOMuqKabxol0x2JzC9796Z6zWksLPa&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=909846865.1700665966&ga_sid=1700665966&ga_hid=985187222&ga_fc=false&dlt=1700665965466&idt=371&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BEB4 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12256
x-xss-protection
0
container.html
589a2de2f520fc258c621be717221702.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B06E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://589a2de2f520fc258c621be717221702.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:46 GMT
expires
Thu, 21 Nov 2024 15:12:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 6131
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP9WLTD0-G-2H8
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP9WLTD0-G-2H8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Wed, 22 Nov 2023 15:12:46 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22345.109375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A12%3A46.119&id=8870&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A2054%7D%22%2C%22eventTime%22%3A1700665966122%7D&tim=16%3A12%3A46.123&id=9855&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=16%3A12%3A46.130&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6627&cv=20231121-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
70515
css2
fonts.googleapis.com/ 		20 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 14:21:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Nov 2023 15:12:46 GMT
spa-detector.20231121-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231121-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
o2wrTBbFYmRlmvj5NzALJI27V5ZpEYwr
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:46 GMT
x-amz-request-id
BD93RACN6XXC5SAW
age
12627
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
l937jH9J0T6tsToIxz/8dxt7tQjkM3MpsbqUAtqA7Yc6hZi8RfS9mTeA3uaAlIAt3xYangLOOt0=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 22 Nov 2023 11:42:19 GMT
server
AmazonS3
x-timer
S1700665966.155909,VS0,VE0
etag
"ce4d50b6753e10ad08a2572e009891bf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
21
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11499
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A12%3A46.131&id=5992&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1700665966140%7D&tim=16%3A12%3A46.140&id=7893&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=16%3A12%3A46.142&id=2314&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=10143&tvi50=13623&lti=deflated&ri=bd0f28bc09fa8c30ddfded1f03eba731&sd=v2_630b716041dc0d7bc098edebb45e3b8b_9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed_1700665965_1700665965_CNawjgYQ2YJdGMD03Ly_MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&pi=/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&wi=-3019202831322401542&pt=text&vi=1700665965120&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700665966144%7D&tim=16%3A12%3A46.144&id=2249&llvl=2&cv=20231121-7-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 06:17:50 GMT
x-content-type-options
nosniff
age
377696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 06:17:50 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 04:55:47 GMT
x-content-type-options
nosniff
age
382619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 04:55:47 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Wed, 22 Nov 2023 15:12:46 GMT
a1550967.js
js.genieessp.com/t/550/967/ Frame B728 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/550/967/a1550967.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.18 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p018.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 08:08:17 GMT
server
nginx
etag
W/"65016df1-2598"
content-type
application/javascript
cache-control
max-age=900, private
cross-origin-resource-policy
cross-origin
expires
Wed, 22 Nov 2023 15:27:46 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B728 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:46 GMT
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=10143&tvi50=13623&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
480_650.mp4
cdn.vidverto.io/secured2/kJPSqs8xNULCHclbb1bjpA:1700669564/1327/video/1813/ 		36 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/kJPSqs8xNULCHclbb1bjpA:1700669564/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 22 Nov 2023 15:12:46 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
tap.php
pixel.rubiconproject.com/ Frame 6131
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/sXFnZ7PtI_ko97xEPS-8DQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cI0ibVBE2oLt4Xb0tuCTu5sJ7HpBzJzXQNHz0Q--~A
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cI0ibVBE2oLt4Xb0tuCTu5sJ7HpBzJzXQNHz0Q--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 22 Nov 2023 15:12:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-cI0ibVBE2oLt4Xb0tuCTu5sJ7HpBzJzXQNHz0Q--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6131
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=c71_PTS8R2CJzdH7vSvYdw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c71_PTS8R2CJzdH7vSvYdw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c71_PTS8R2CJzdH7vSvYdw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EXF17REK3YDKQZE5WXND
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=c71_PTS8R2CJzdH7vSvYdw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 6131
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FnV0fxOQQ8SW9KemITNq1A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FnV0fxOQQ8SW9KemITNq1A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FnV0fxOQQ8SW9KemITNq1A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
06ZCZWC0ENP94G38S6P1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=FnV0fxOQQ8SW9KemITNq1A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6131
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWY2ZjEwNjUzMTNiMjU0MTgxNTQ5NWE5ZGMyNzczMGNjZmNhMDgxMg
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWY2ZjEwNjUzMTNiMjU0MTgxNTQ5NWE5ZGMyNzczMGNjZmNhMDgxMg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWY2ZjEwNjUzMTNiMjU0MTgxNTQ5NWE5ZGMyNzczMGNjZmNhMDgxMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 6131 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
server
Kestrel
content-length
70
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 6131
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJRLxShYdtkkv4C9PEeVPDE&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJRLxShYdtkkv4C9PEeVPDE&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJRLxShYdtkkv4C9PEeVPDE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 6131
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LP9WLTD0-G-2H8&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LP9WLTD0-G-2H8&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5QT6AHG5DC0W6EK6X1VZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LP9WLTD0-G-2H8&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6131
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFA5V0xURDAtRy0ySDg=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENqs5eWdHZdAlArJTIJl-Ac&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5V0xURDAtRy0ySDg=&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5V0xURDAtRy0ySDg=&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFA5V0xURDAtRy0ySDg=&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
setuid
px.ads.linkedin.com/ Frame 6131
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP9WLTD0-G-2H8
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP9WLTD0-G-2H8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 7BA020088D334E9C8B9FF5477D303B14 Ref B: ZRHEDGE1414 Ref C: 2023-11-22T15:12:46Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKvybWyskl0/8fDJZV8g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP9WLTD0-G-2H8
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rp
match.prod.bidr.io/cookie-sync/ Frame 6131 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.186.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-186-244.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6131
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=627c327b-88a2-4cbf-8988-a549aea27485&expires=30
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=627c327b-88a2-4cbf-8988-a549aea27485&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=627c327b-88a2-4cbf-8988-a549aea27485&expires=30
Date
Wed, 22 Nov 2023 15:12:47 GMT
Connection
keep-alive
X-CI-RTID
f7e2844a-2a81-4433-b94a-f54ddcf115ec
Content-Length
144
Content-Type
text/html; charset=utf-8
cksync
hb.yahoo.net/ Frame 6131
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP9WLTD0-G-2H8&redir=true
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP9WLTD0-G-2H8&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP9WLTD0-G-2H8&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yXzcuRnU1RTJ1SF9IMGFIUjNEdHB1LjdsN1d0R1duSn5B&ovsid=LP9WLTD0-G-2H8&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yXzcuRnU1RTJ1SF9IMGFIUjNEdHB1LjdsN1d0R1duSn5B&ovsid=LP9WLTD0-G-2H8&dpid=58160
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
23.50.131.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-75.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 22 Nov 2023 15:12:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Wed, 22 Nov 2023 15:12:47 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1yXzcuRnU1RTJ1SF9IMGFIUjNEdHB1LjdsN1d0R1duSn5B&ovsid=LP9WLTD0-G-2H8&dpid=58160
date
Wed, 22 Nov 2023 15:12:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/prebid/ Frame 6131
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP9WLTD0-G-2H8
43 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP9WLTD0-G-2H8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
an-x-request-uuid
f3a7e6fd-9d39-4ea0-892c-d08b24b92790
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.106.5; 176.10.106.5; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LP9WLTD0-G-2H8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 6131
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP9WLTD0-G-2H8
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP9WLTD0-G-2H8
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP9WLTD0-G-2H8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 22 Nov 2023 15:12:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP9WLTD0-G-2H8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
liveCS.php
live.primis.tech/live/ Frame 6131
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP9WLTD0-G-2H8
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP9WLTD0-G-2H8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
2600:9000:2251:9200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
gzip
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
AOklK6sDEwXxDUYWuDo3_fx_I667-9KEOrRiqAKiq7Jhe2GRlfgP-g==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP9WLTD0-G-2H8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
v1
match.sharethrough.com/sync/ Frame 6131
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP9WLTD0-G-2H8
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP9WLTD0-G-2H8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Server
52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LP9WLTD0-G-2H8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
KJGOuGTZ%2FxKU5GY7SmRrPw4vDp8HE%2BHMtiXnfwLEelA6ry046KXq5t0FyDRggnVRBPGqb0OUWaiucCUp4fLMwX8B2DMmJmCOZnOdyPMHRXTUhUdWHf8xUSzIwM8op%2BPg4w7KDiANPAclDnQXVKvxcjLEajBagfPHPkHhkguYl5E6u4o3oO1ZH0e8MG0QRug...
ad.vidverto.io/delivery/video/pod/ Frame CCF0 		54 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/KJGOuGTZ%2FxKU5GY7SmRrPw4vDp8HE%2BHMtiXnfwLEelA6ry046KXq5t0FyDRggnVRBPGqb0OUWaiucCUp4fLMwX8B2DMmJmCOZnOdyPMHRXTUhUdWHf8xUSzIwM8op%2BPg4w7KDiANPAclDnQXVKvxcjLEajBagfPHPkHhkguYl5E6u4o3oO1ZH0e8MG0QRugTkVKtSD9B86dluiZJVN6niJsc7yOJNCD1SJMfoTDMlzhMVhmsiwmYhfYVJ7FPhQsudW%2FBfeWA9MlDWU039WC1SgJUOHeS5vTSd%2F1e%2F5f6t4EHVTk%2FVOOMtrric8nWc37CPzTQv0zFG%2BO54Nh2nzxmE78x%2F%2BNxvtcEWb9kW1Q8CpvKCA6mGRefpTXTFfcZK%2BlZxBL0kwstM%2FvKomTFVbhex6ligjq1U1AWrzxuPFvHAtks5vkXfYJkatwjpUdDTM9ZIgnQKhGRNQPGU6AAwysf5mPFig7yfih2BXIrZtut2RZWo%2FqMPjItESloJdKOY1lYlYMcWtUy2mWsy2yIAykdLbfmG6vsG6khO%2B4tFaJbWn93wI9ljvJWLh8bh3LAgQ3mbezWrSm8PYhRk3V1N7fUFK%2FwaUmaHE0uNrzefY0Q4FU%2FdaDxto3ppmp6yz%2BSDSZ04p7Lo5bZRhNrWHpzyda5ZV7M0EHS7rdIeI0PhK7tc6UgHXpoE0NnGQRd7mjykIOdab83aTqmb9RAFVn9wSHZUV2PPQfy1nTOYfwiQAT0SYHdJ8VwvYuXlDwnK7KigLngP70yZOWWlVJPOk3FNsNwZAa2zyrbfZ%2Fu1FIy97d%2BNxlD5vg9UjlRHULH3EEv%2FOcpH8Ui9r3kpPaa0ET9MQh4IIfDCDYxFTIALNUMpBVD2N%2FMq1exPHP4rkpya1TUy1j2?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BEB4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 15:12:46 GMT
480_650.mp4
cdn.vidverto.io/secured2/kJPSqs8xNULCHclbb1bjpA:1700669564/1327/video/1813/ 		232 KB
232 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/kJPSqs8xNULCHclbb1bjpA:1700669564/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16973824-

Response headers

Date
Wed, 22 Nov 2023 15:12:46 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16973824-17211103/17211104
Connection
keep-alive
Content-Length
237280
bulk-metrics
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/bulk-metrics?tvi48=10143&tvi50=13623&route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
d487e454b6e8c2bdd00ae3e285662fb7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 22 Nov 2023 15:12:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d487e454b6e8c2bdd00ae3e285662fb7.jpg
age
3277030
edge-cache-tag
574752983566478366042810641110588364102,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
574752983566478366042810641110588364102,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
216
expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://news.livedoor.com/
content-length
3872
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000071-IAD, cache-iad-kiad7000071-IAD, cache-sna10721-LGB, cache-iad-kjyo7100128-IAD, cache-mxp6954-MXP
last-modified
Sun, 13 Aug 2023 09:28:54 GMT
server
nginx
surrogate-reporting
width=160,height=160,owidth=1200,oheight=800,obytes=384488
x-timer
S1700665966.412313,VS0,VE2
etag
"ad5b68f90ab47cc59b60d2168de3d2ce"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 0, 98, 1
a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 22 Nov 2023 15:12:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age
4581126
edge-cache-tag
603464470960477801790457014709346231010,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
603464470960477801790457014709346231010,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
174
req-referer
https://news.koreadaily.com/
content-length
9056
x-request-id
97f41bf3ffce520d7b143cf3ff4d2b52
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200043-IAD, cache-iad-kcgs7200134-IAD, cache-sna10729-LGB, cache-iad-kiad7000077-IAD, cache-mxp6954-MXP
last-modified
Sat, 16 Sep 2023 22:27:09 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=17646,owidth=1000,oheight=600,obytes=1177283
x-timer
S1700665966.412296,VS0,VE1
etag
"849008b74f984a8816fbe7bfbaf6a874"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1261, 1
4e8d590f69ba3de17fd0fd39dcfebedf.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4e8d590f69ba3de17fd0fd39dcfebedf.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 22 Nov 2023 15:12:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4e8d590f69ba3de17fd0fd39dcfebedf.png
age
1294488
edge-cache-tag
471243338919322031678467830303336845259,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
471243338919322031678467830303336845259,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
130
req-referer
https://www.nzz.ch/international/urteil-des-verfassungsgerichts-deutsche-oekonome-fordern-reform-der-schuldenbremse-ld.1766002
content-length
5524
x-request-id
fbe3edc3dc38733bfea6e91c2cd0298d
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000039-IAD, cache-iad-kjyo7100126-IAD, cache-lga21941-LGA, cache-iad-kjyo7100052-IAD, cache-mxp6954-MXP
last-modified
Fri, 29 Sep 2023 09:24:55 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=7552,owidth=1280,oheight=812,obytes=1083488
x-timer
S1700665966.412447,VS0,VE1
etag
"816cc95a4291858b7af7089dca76412d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 3, 1
container.html
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4AB2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:44 GMT
expires
Thu, 21 Nov 2024 15:12:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame CCF0 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp9wltr8&c=1519949213336&slotId=759974606668&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 5156 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
362700
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 10:27:46 GMT
expires
Sun, 17 Nov 2024 10:27:46 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 398F 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 14:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 22 Nov 2023 15:55:28 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:6857:abc2:e420:ab40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvbWVpLW1laS16aG9uZy1ndW8temFpLXhpLWNhbmcteGl1LWppYW4teGluLWZhbmcta29uZy16aGVuLWRpLWhvbmctcWktOWRhby1kYW4ta2UtbmVuZy1qaW4temh1Lmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvbWVpLW1laS16aG9uZy1ndW8temFpLXhpLWNhbmcteGl1LWppYW4teGluLWZhbmcta29uZy16aGVuLWRpLWhvbmctcWktOWRhby1kYW4ta2UtbmVuZy1qaW4temh1Lmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 21 Nov 2024 15:12:46 GMT
date
Wed, 22 Nov 2023 15:11:39 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
/
adx3.adform.net/adx/ Frame CCF0 		65 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/ Frame CCF0 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1259186787965633&ppid=672f6401-02e3-407e-88ae-702c014f8658&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FkJPSqs8xNULCHclbb1bjpA%3A1700669564%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=7B7534E1-9D4A-4C25-8CD2-B7370BC69D32&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&dt=1700665966583&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&scor=167491059365892&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame CCF0 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1259186787965633&cust_params=mt_fln%3D1.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FkJPSqs8xNULCHclbb1bjpA%3A1700669564%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=7B7534E1-9D4A-4C25-8CD2-B7370BC69D32&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&dt=1700665966587&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&scor=167491059365892&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame CCF0 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1259186787965633&cust_params=mt_fln%3D1.3&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FkJPSqs8xNULCHclbb1bjpA%3A1700669564%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=7B7534E1-9D4A-4C25-8CD2-B7370BC69D32&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&dt=1700665966590&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&scor=167491059365892&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame CCF0 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1259186787965633&ppid=672f6401-02e3-407e-88ae-702c014f8658&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FkJPSqs8xNULCHclbb1bjpA%3A1700669564%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=7B7534E1-9D4A-4C25-8CD2-B7370BC69D32&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&dt=1700665966592&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&scor=167491059365892&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame CCF0 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C444x250%7C480x320%7C480x360%7C600x252%7C600x338%7C640x360%7C640x480%7C720x405%7C1024x768%7C1280x720&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1259186787965633&ppid=672f6401-02e3-407e-88ae-702c014f8658&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FkJPSqs8xNULCHclbb1bjpA%3A1700669564%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=7B7534E1-9D4A-4C25-8CD2-B7370BC69D32&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&dt=1700665966595&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&scor=167491059365892&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame CCF0 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1259186787965633&cust_params=mt_fln%3D0.8&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FkJPSqs8xNULCHclbb1bjpA%3A1700669564%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=7B7534E1-9D4A-4C25-8CD2-B7370BC69D32&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&dt=1700665966598&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&scor=167491059365892&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame CCF0 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1259186787965633&cust_params=target%3D0.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FkJPSqs8xNULCHclbb1bjpA%3A1700669564%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=7B7534E1-9D4A-4C25-8CD2-B7370BC69D32&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&dt=1700665966601&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&scor=167491059365892&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D668 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
67654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 20:25:12 GMT
expires
Wed, 20 Nov 2024 20:25:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6433 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EgH2aQ7u47h2Ezyu9IcxSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-EgH2aQ7u47h2Ezyu9IcxSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:46 GMT
expires
Wed, 22 Nov 2023 15:12:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:44 GMT
expires
Thu, 21 Nov 2024 15:12:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 59BF 		8 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 14:55:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Nov 2023 15:12:46 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 59BF 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 15:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
84077
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:51:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 59BF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 02:17:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
46521
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 02:17:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 59BF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
80454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 16:51:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 59BF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
57348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame 59BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQaB78j7__iacf2gu7j5P5jMc9_G2oPCmPEBHJdODSLLgzW5uOtQ2Ej66aG9b1PNYOcwa11rjfaedpHiMpY7RE-6JxUnA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 59BF 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:46 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 59BF 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 07:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 19 Feb 2024 07:40:28 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B88D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
3089
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 14:21:17 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5154 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
20851
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 09:25:15 GMT
etag
48472445140208031
expires
Thu, 23 Nov 2023 09:25:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 59BF 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=10143&tvi50=13623&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
101
date
Wed, 22 Nov 2023 15:12:46 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
80532
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6954-MXP
pragma
no-cache
server
nginx
x-timer
S1700665967.876969,VS0,VE101
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5AC2 		478 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNWr1KmhJmlx-NCSdJX3rLaiupoOjuQnTaFx45iH_PEmnK9AEgUO7JiBr9mor5seQaoOMv8y6vXuE8yD7MERYfKaSXEVgw
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4AB2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALiCKyC2VYgZieDFmfrXxj-AAMRKawvRuE7UMHtrwruUWMzzwCr74dk_kYrFV65f_wJKN5c_MMRBaQecrA1EgtSbT4OLaZXpHLuFvFMLJCqAQaK7w
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12129898179925123154&x=1&ct=77
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4AB2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
80455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 16:51:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 4AB2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
57349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame 4AB2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8wk1-OA9fAHVPyO5_tPvnXLoYf0Apse2zFpbtY9lwr49R2w9lh-NkrqqpkI1nBIakNOmBjmlvbL-Qh8VrEqnxfh4PCQ
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4AB2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:47 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame B331 		51 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:46 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Wt5zaT1CH9LeVvjw4o8j7trczsZ8oGAmm0qJstuJzw3GYsYnznq57qWx3ctts51fUxOQU7cARd0K0D7nmf4VZ1mxhHXfnTrc9o9pchqXB0JLNWTTK57zd5sdXNYBdIiofbfdF3fKgUqZME2BS9aGqJ1ztJt86LYxjDFViRVywSugvija1Htcp8nlNg7Adzb1ft7H2nVdpk8I8f52YIRZySjvYjq5iTs6GZfeX8qOruBU74vUi8hWQFm8bWLN3912FYxmcw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3330085
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E3CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 16:51:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
80455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 16:51:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 18F3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
20852
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 09:25:15 GMT
etag
48472445140208031
expires
Thu, 23 Nov 2023 09:25:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E3CE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
57349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame E3CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRE6ewXNdiEOGjkC2e34uxXtCGrNuiwb07xO4HZ-eWVC8BldzZMxm0WwZOF9kQrObcCN-_CTt5eqGpyiGOGOw7jZ8qnPg
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E3CE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
489349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E3CE 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 15:12:47 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91864
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Nov 2023 15:12:47 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:6857:abc2:e420:ab40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pixel
cm.g.doubleclick.net/ Frame 5AC2 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNWr1KmhJmlx-NCSdJX3rLaiupoOjuQnTaFx45iH_PEmnK9AEgUO7JiBr9mor5seQaoOMv8y6vXuE8yD7MERYfKaSXEVgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5AC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyctI62ALuw6V1uBwWL0ms&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyctI62ALuw6V1uBwWL0ms&google_cver=1&C=1
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyctI62ALuw6V1uBwWL0ms&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNWr1KmhJmlx-NCSdJX3rLaiupoOjuQnTaFx45iH_PEmnK9AEgUO7JiBr9mor5seQaoOMv8y6vXuE8yD7MERYfKaSXEVgw
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbDDch5xoMAk3e513h9CViHaq9fMqv8OiPNnLCgOW4B3iGVupibd634o67tic2IfcdmoJaS5s7ywoYrRKVC5lYhY2nKRyyj8yj0H2wU%2BjkJ3VeXVchGxEIt7OS9F%2FMiXkospu66yFHg9VA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a21cd82bd50208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYjkjyLql0LM8ihpd2Ks56GFlZzC3zCoUZ2cCESzyuflVrWgl%2Fy%2FS3PMXSfaYPiN3x0D%2FWlCe10XVFser4Sh%2F3oSo7vPqj319IIyP0Gjej%2BSONZLG3vmkdZAM35Tgsit%2BBARjd%2BrKRRHxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEPyctI62ALuw6V1uBwWL0ms&google_cver=1&C=1
cache-control
no-cache
cf-ray
82a21cd7eb650208-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 5AC2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV4abyeknWApKLJL0ncBIgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyctI62ALuw6V1uBwWL0ms&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyctI62ALuw6V1uBwWL0ms&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjDvYjGATAB&v=APEucNWr1KmhJmlx-NCSdJX3rLaiupoOjuQnTaFx45iH_PEmnK9AEgUO7JiBr9mor5seQaoOMv8y6vXuE8yD7MERYfKaSXEVgw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1u79y8TLAWV7X01UETaXR%2B8SamE%2FcFNPmB%2Fw6UbK0aCbwXG7hGhkKRiOqpj0Rsn5vUFn2SMcJzqrnPQcEBXdXIGH8hZfAfNmbfYqRK5cHy7DxXfEWLZexfC0XlIv7zfzDn8htMZdRr9HyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a21cd92c8a01eb-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPyctI62ALuw6V1uBwWL0ms&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 59BF 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 22 Nov 2023 15:12:47 GMT
via
1.1 varnish
x-amz-request-id
DM4PFN0WZV5ZS5NS
age
27866
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
QYSQ4/qAqV4Hb4K6M+GoojBK1e8pnhtotO1/yTxdJpopul6YDUPXKzR3ArITbOLUVAA12TmhKuQ=
x-served-by
cache-mxp6954-MXP
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1700665967.300413,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
35
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8011
pixel
cm.g.doubleclick.net/ Frame 5154
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECYgO_VucuXxDamdwBCwlLA&google_cver=1&google_push=AXcoOmReeOzyetPiTlNqm_fl1gH9m47ELwOz8cWLJeuFNjGfBQ-ffNSy_oh-BJ1fVapY-XxZyWqRx0d...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmReeOzyetPiTlNqm_fl1gH9m47ELwOz8cWLJeuFNjGfBQ-ffNSy_oh-BJ1fVapY-XxZyWqRx0dd49xpHxOEpZ7Bs0ec__mB&google_hm=uPoi-aXLT1eR5JgcM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmReeOzyetPiTlNqm_fl1gH9m47ELwOz8cWLJeuFNjGfBQ-ffNSy_oh-BJ1fVapY-XxZyWqRx0dd49xpHxOEpZ7Bs0ec__mB&google_hm=uPoi-aXLT1eR5JgcMear5AU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmReeOzyetPiTlNqm_fl1gH9m47ELwOz8cWLJeuFNjGfBQ-ffNSy_oh-BJ1fVapY-XxZyWqRx0dd49xpHxOEpZ7Bs0ec__mB&google_hm=uPoi-aXLT1eR5JgcMear5AU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5154
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEJ22qDup1K_oqQV_6eGgIrc&google_cver=1&google_push=AXcoOmQv_nTTdsH42HXs8EdBVHq2eYkehUShKX9yduD6g6qAXcsQB9vS4pdUfOi97wj97UhO--1hYrBecmzzPVEDeMxgIftk8gVqhw
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Qk93SlpULXNDUWVMeENfMWNCcGVaUQ%3D%3D&google_push=AXcoOmQv_nTTdsH42HXs8EdBVHq2eYkehUShKX9yduD6g6qAXcsQB9vS4pdUfOi97wj97UhO--1hYrBecmzzP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Qk93SlpULXNDUWVMeENfMWNCcGVaUQ%3D%3D&google_push=AXcoOmQv_nTTdsH42HXs8EdBVHq2eYkehUShKX9yduD6g6qAXcsQB9vS4pdUfOi97wj97UhO--1hYrBecmzzPVEDeMxgIftk8gVqhw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 22 Nov 2023 15:12:48 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=Qk93SlpULXNDUWVMeENfMWNCcGVaUQ%3D%3D&google_push=AXcoOmQv_nTTdsH42HXs8EdBVHq2eYkehUShKX9yduD6g6qAXcsQB9vS4pdUfOi97wj97UhO--1hYrBecmzzPVEDeMxgIftk8gVqhw
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
245
pixel
cm.g.doubleclick.net/ Frame 5154
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEZDk6I1CEsJ5ynPGWfdtFM&google_cver=1&google_push=AXcoOmQDzo7ZGxiS76tiLaKUx1sF22YGb-B8YTiZmsg_3695Qu-L_ggiqr9_W5Y-tlHQogbiF0TIpEXpCVcKU...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEZDk6I1CEsJ5ynPGWfdtFM&google_push=AXcoOmQDzo7ZGxiS76tiLaKUx1sF22YGb-B8YTiZmsg_3695Qu-L_ggiqr9_W5Y-tlHQogbiF0TIpEXpCVcKU...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQDzo7ZGxiS76tiLaKUx1sF22YGb-B8YTiZmsg_3695Qu-L_ggiqr9_W5Y-tlHQogbiF0TIpEXpCVcKUDk2e5gfkJdMLL6u&google_hm=V29HeE5CVTJfNVF1eFh5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQDzo7ZGxiS76tiLaKUx1sF22YGb-B8YTiZmsg_3695Qu-L_ggiqr9_W5Y-tlHQogbiF0TIpEXpCVcKUDk2e5gfkJdMLL6u&google_hm=V29HeE5CVTJfNVF1eFh5eGxBaGc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:47 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQDzo7ZGxiS76tiLaKUx1sF22YGb-B8YTiZmsg_3695Qu-L_ggiqr9_W5Y-tlHQogbiF0TIpEXpCVcKUDk2e5gfkJdMLL6u&google_hm=V29HeE5CVTJfNVF1eFh5eGxBaGc=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5154
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEJlWPJSRNX9W1fGkax3JuiY&google_cver=1&google_push=AXcoOmQMwX0FAth_V_AIHcMpsUR7AR1evq68xCZKOkOdd8Ll79M78RUcF4VgbKETnmDxscFATKS2q1AnzOc4H3yWY...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQMwX0FAth_V_AIHcMpsUR7AR1evq68xCZKOkOdd8Ll79M78RUcF4VgbKETnmDxscFATKS2q1AnzOc4H3yWYB1F1e5tbCbwqA&google_hm=AYa0bcGcHUYhtwWXHX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQMwX0FAth_V_AIHcMpsUR7AR1evq68xCZKOkOdd8Ll79M78RUcF4VgbKETnmDxscFATKS2q1AnzOc4H3yWYB1F1e5tbCbwqA&google_hm=AYa0bcGcHUYhtwWXHXCX-qE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmQMwX0FAth_V_AIHcMpsUR7AR1evq68xCZKOkOdd8Ll79M78RUcF4VgbKETnmDxscFATKS2q1AnzOc4H3yWYB1F1e5tbCbwqA&google_hm=AYa0bcGcHUYhtwWXHXCX-qE
Date
Wed, 22 Nov 2023 15:12:48 GMT
Server
Apache
Connection
keep-alive
Content-Length
233
Content-Type
text/html; charset=utf-8
/
cc.adingo.jp/adx/push/ Frame 5154 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESENTu-sbTHxCE1MiF4BGNpng&google_cver=1&google_push=AXcoOmS0EPoJQaKwswg3Zc76aM815dDkzucjfc8_bFd_f9_xUFPyvJDnP8yjYg5CRZudObL4LS1js0ZxLnU4aSAYPf_0uKg2bR7mkA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.58.92 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-92-58-92.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
server
awselb/2.0
report
sync.teads.tv/um/ Frame 5154
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMDCiFn1OCO3...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ODY5NzZmNzgtMjUxNS00Yzg1LTljODAtZWYyZjExNmRlNGRj&google_push=AXcoOmTUJschtdX2KSA3Bu_Smzh8tPR03OQOtU8LutKs_FKE4i4BT9i68WhWgSGSh-RCo...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 22 Nov 2023 15:12:47 GMT
pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5154
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEDeOAy0oBDI9y7zmtTBFe9k&google_cver=1&google_push=AXcoOmSFsv8I_EBZu2QaTeIJV9LPCOOO7rfaA2PSkr-Q4EyztieoCXIZ-lsHCSDkVCl...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSFsv8I_EBZu2QaTeIJV9LPCOOO7rfaA2PSkr-Q4EyztieoCXIZ-lsHCSDkVClwLP1EEimsuXvLI5sEv_KQVmFRCG1RkLb1qg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSFsv8I_EBZu2QaTeIJV9LPCOOO7rfaA2PSkr-Q4EyztieoCXIZ-lsHCSDkVClwLP1EEimsuXvLI5sEv_KQVmFRCG1RkLb1qg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
6dd2c788.17b5ea6b
date
Wed, 22 Nov 2023 15:12:47 GMT
x-bytefaas-request-id
202311221512476843757EFD7FDC45718A
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-54-206-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time
154,23.54.206.6
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=67, inner; dur=64
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202311221512476843757EFD7FDC45718A
x-cache-remote
TCP_MISS from a23-218-219-8.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSFsv8I_EBZu2QaTeIJV9LPCOOO7rfaA2PSkr-Q4EyztieoCXIZ-lsHCSDkVClwLP1EEimsuXvLI5sEv_KQVmFRCG1RkLb1qg
x-bytefaas-execution-duration
62.91
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01235132e39e35e96aef755662cab3a82094a855b60f105d016476a3ad00da21d212edb045825474d6ed38c8f4e0afb8ab945a951562c3f803515ef3f8153624ee164e3671d8ab114a1574dd2d5bebc6cda96b985a1c12e6655f484bba16a0007e9261210aab96e53f5d8f0d44ee4bcac3
x-origin-response-time
67,23.218.219.8
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Wed, 22 Nov 2023 15:12:47 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 5154 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JhzjBC8hPbRnqWwlqii-hrIOc-3YF86cP_jLE-7ZaR7hBv4FNjSXgRvGuQlHCMtkArG_jtNr0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
csi
csi.gstatic.com/ Frame CCF0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp9wlu1p&c=1519949213336&slotId=759974606668&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame B331 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Nov 2024 15:12:47 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame B331 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Nov 2024 15:12:47 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B331 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 16 Nov 2024 15:12:47 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B331 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 16 Nov 2024 15:12:47 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame B331 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jnxs1Ede4z7KmFcu35xlDsP-Lw1btl6qq7DLIhUo3kLVb6Ht5Puc7wcY_PaJmNxg-zcxY2Y4ITjKoeOiWhpsc24M4nccbFtb8C0hr3VaLit8c9sH4LYGQsHQ2WR_ujWpzojST34Rp1MJ0bKOx6PqP0GMdkKlvKxIu_mtfEQjybBF2sYr36Req8VYekh8Sbk6wU1sRpjUuJyxvT2b-SINfO2kMyHb_FSnLlh4pMeJU_Ykox3kuQdZnONWYW9YdJ9smTHsEZAbPCoiBablFOuZ2MfMdwTcZbJFYABzDBIF3WQBpLqs-BkNIUHQIIHx8fXovrC-iMp36JXFPOr6uEu_TlRTbjImWU0rKd1TPxOxbtq9uhHFXgUQBumuYsmQcUkrQRLACCSri-CxjsUz7UjeHKtt-O4ZO9nCsYsZjmeIDOspUDKt
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1485089
expires
Mon, 26 Jul 1997 05:00:00 GMT
af5d81331afa4c12b5cd11525908ee3b_image_ad_300x250.jpeg
static.criteo.net/design/dt/41417/5062956/ Frame B331 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/41417/5062956/af5d81331afa4c12b5cd11525908ee3b_image_ad_300x250.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 30 Oct 2023 09:38:00 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"653f7978-94e5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
38117
expires
Sat, 16 Nov 2024 15:12:47 GMT
jsk
ialaddin.genieesspv.jp/yie/ld/ Frame B728 		724 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ialaddin.genieesspv.jp/yie/ld/jsk?zoneid=1550967&cb=30629976440&charset=UTF-8&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&sw=1200&sh=1600&topframe=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.12 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p012.net133186012.broadline.ne.jp
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:48 GMT
content-encoding
gzip
content-type
text/javascript; charset=UTF-8
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ Frame B728 		633 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by
Host: js.genieessp.com
URL: https://js.genieessp.com/t/550/967/a1550967.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
vary
Accept-Encoding
p3p
CP="NOI PSD OTR"
content-type
text/javascript
cache-control
private, max-age=14400
content-length
445
expires
Wed, 22 Nov 2023 19:12:47 GMT
csi
csi.gstatic.com/ Frame CCF0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lp9wluqe&c=1519949213336&slotId=759974606668&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame CCF0 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame CCF0 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lp9wlur8&c=1519949213336&slotId=759974606668&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame CCF0 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame CCF0 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame CCF0 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame CCF0 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame CCF0 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 59BF 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:16:19 GMT
x-content-type-options
nosniff
age
507388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 18:16:19 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame CCF0 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4430715346321&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AB2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4430715346321&version=m202309260101&ct=77&x=1&cor=12129898179925123000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4AB2 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DW_r3I696HxgaO1BslllFVSsR2DEgb4CpQawDXChAmFJzjujXnjaKkgGHwRyaf4oX6i5CX9aSvgrepHe79kYDvakM39gGMKPIrCuGkkKdi9MDxmd_6pBLHP54rHAJr-Y7zybC6PePAlMOXjZUFQaiKZrlYTL6qilCTm39IbcA5Wm0BrRA&cry=1&dbm_d=AKAmf-Bl9O8Fj5F_iwbIjk0Vk_1pxqvVwuhlTfFmr9u8DHAX05jwzG5F1xRJhi4JlhJ37JZD4kraVyhfAZqzYXxQSPLaWFJ1kCWc8NEEN_pZN_mdAs7jCZ6zdjIXFXq2DnZswVJ4tRfxjQ9KPve9b-69whA-haxE25079LaKe3CDKUOCq4OioSS3-AzpxvLcjuG09utweMVcuLfUpznhvwDPW0jb69wrG8iK6CaJ4GqXTKl3c1LPL2OXUvFvGpE6Y9hcNpdJ3z5ppI4MfpeRFDXQv_M6sR9ORdNptTp44hU6rogltQ3kZXUekS3S1EPwC3zWWhk_ftYiEiIVYAKN4D_S1jFNkLjS4FUbe-B86JLuN4bLKUn2bwYq-xznMUVxXPsQoEjN40VTO3isRy9nkpKqYuWHr39wVnWk_1BMUOiqFbokm1x22jJNiiJQ5auXqkBuElsL_MIk_pl0idt_qnxvzTQEVljaureD7wDgn_afKeGIwfSiwx2zsxnXXPbu0Gs4rmCPW3UkMptDzVHYdxgQwnjRAj8sJxgmVW1RygVQ6TGTeeb6WT9V6KiBOp-sSA367DWraELX7gXDjjX6wpc47odtwYvVUSUgwurTytZj2HQGKhpqklAsW6PepjYNIiNFbbqtVpvSDt80NQTv7OXFvYKvnquI7OT5td9Gd6wrHFI-qsfIVh4DtkZvzL6xHTTrXAU_b1t61BkhWlWTgCJ47bnbqQHbZ_HkeDTZ0nyjgGLSP1Vr_KHxqLYKTAPaWvHGz2HI7GSZ2YqB1yfGnkVJvAvHGBOT-MjkoIm-vtC30EdDhqt_NoQphb-Z4rQJsqzz_SyYFRk8ox-X054nUN9F5_05jZqlkn4JnzKJMljByoAcxRVjKps0y6MMNl3Rsy_M1xTwM1l0dlSw_G75FiRegigJmdeieGcEXaNu_THJf75npdFMrQTeqENAluU2vf1EiYAoIF1x8YPqs6ZwLIB9BU3iIquebYq9qwOu_pPUl0zzlgEMfuD48mLojo7rAY3KjzF-oj1tqJrupRo0stv7vlDywTfQWvl47AfdzumzF2s7LJatoWo4Oe8yGGDFUk52-7Uti7I4hAqvOuTGZAUxeUBj_wY8RbkFORheB5kyOQCGK340qtILeIkwnJonNRezUUfnFYyjSxTMtmFYcwdh-aMFL5NPVXPlBCap-Uaf3VeGb3niIjEiUpou_eOxCdVDq3SyE46v60TOzoVMhbksPKkyo_FvQK2bZjviewqs21fkZlU1vVtV9p-eCtTmGs3wT7_Eb1X-F6TxLterSln4vcCVu2H4hngIIzrMtD_ZRklvH70tThpb4ImMuCqTx1QXkiOXOmeepwFTpuaRl7pXBTsqAVq7seUozob20Y2rjyD3yWrT7vdq5VDRyQ7hMdimWvlC_ZjvhppW45-mbljEixsfBMXYDingNvMdY7vikBraoyAnC0dy0YYRs7kI1BRPy1R5pZAXcHC2SX8Xi-cv6BLUaxae7W3uf7JIDfx4A9kUzXdirw0UW2-CZXA8JDB3vuqoJDs1HIZI0V13XHb37fRITylngHgWEJ44M-ApNY2RaVLPK3o319xDl9AGXwUjjfB5qVX0p2-DjbsItrTwZ5OMWV1UwwkfTy0OCIr_x2SMxux8iBTD1m5rOLfXoUJy0lCaBAIJgJaKAUIAV6zK9fGOjvX0mvxBpe45glITKgqUkv5eStAh_2wiTMNRDmdp3cJv6OVAVDcP7NZ5xvwoGtbzjJ8HPd9fUi6vabCpfuky5SQnhtp-cWmKTCSk8-6kzGexq3jwixbn6kfIrvn-o4FTd1GYIdIzsrFzZbmBS8pZApfcDSniCL5BXAP0BWz3yPzBHumKwU_yUjb_DSQo4yyjZ-oADBeoa2bW97ulmZQg9MHHP5T79BgYxW7RTjk2szWUc1KWB791n1VlCMeY2QOL6nxxnUtdf-KEcaLF5Bvd-TuVDOuEtZrvBVpyWszsk12Uw3IFa40qbdQnHk3IDVX_xD4P8VtncyxKbXbXj-Z7NAJdoQuA3mEPC34Xj9I22rJ2jG_UivtmILymmk9krFbY4fK05JwNuiWEb_hh-gbWRC5R7d-D2xLD6Iwb0sxUcTTYzO9Yd2Gy_ScX1VSLh5HJdav5KsEe3bEz4q40ofJx_W98KQNFZEgDjHGUyiEhnPROm_dzsitROvdsx1LGkd64LpZRk8OCbqhbp5tXkOxKHUWL21m8zwLxlsADSZXyNJI90kVdHr6IeL2I97DIr32CLWV5Xr4-jD8dbaFtV3glRXBis5U4GI1SQH7U0hkMppeO-rJNKOOZNnnzmrmX5hyJhxtxNs9oViBRQw-fivxfj7sNhVo_t_R-hFfnhWQFA-Mhb8Gltb8Nn6mgQRLYVbty7rl6tVPwlPcw7AyyHQWT5mHnzgAZN8I880qAPcybzTZ72VeN1skSvNCThTYBQTA9zGVRB2Dfuv3HrZgWtLa8n-IbhQ1Pugz1e6aVjr7te5NYIMI2duZHMt1ZwGrLGCVMQtMT9UeorNs4-4gr3vUIYe88QGIP7pN2w7x43VyL9X7e4c5Ir4GpoqzFW-NLxX6imZP3MfbRoPxiE_15giTEmhp7aI60HNFdSIwUCPTNzPiHDU2tqpujbmM0y1dSs3AhmSVB51euam2meibKZgLqywm_fBKxmucd2kpoXzvCrC469y3eGWT4G2I8Kt13Dk7stA-EUBsBl0SqzM96pEXvcT7eMEhp-R3AtrgfZRkXzg-7BmnPQFhURW8gY-svnptPrZN6otl2odTVao3aaNY2ncP44SYsovBt7czwJOB3uKXMoIFpThNzMhq0MgIieKlxlYVfVatKG4q3ohAE_5ZrNvh9oyidEbQsoETA_vfYlX-71iYD0dxN_CCtoAwKZhbVyNmKP1lQR129ifIChGYyjb-DuVi5bvOJ5yTUXXwbNeADzSN7alH27N1lyEYQ4tGlizeyK9MwbsrBWTmpMDTO8eWhfi3OY1lpvsOUvxYd5I8tkOKuC7HaO_wwmPtTJrxntHFIwFnOPN7RGS2vx-7dNK8iT_GRzDPp1tbb6efRfKo6v6Jht2RNEvpTVLJblEyVi_wDjvUYRF_Sz-vNcHJ6ixoW4aByrAeAEBp424Z397-WKTAix5NLOFsfw9BobfIGhEi4xsWCrdU1wmleFa3GctIvsqX9K5UtD7YSBx05cXU73NwQFoaLho4UeZ8Wp91teoDdT_UAd4CkUdyC7RdB4WW8KyVswAYLbpbh9CjLJcZxrNTX3eneriUQjMTCJYhAsmYppg_tn5Jk7evqp-rfhIF0JJ_nzsWO_ZFkCvym5xk-hrtdwWyygP4Vspc1A1aL_FI3qKVPkf6RJCfCPB4YIit56P_lp--ZwqqmgSWZDClWEUGrER_Nc29dtsMLDuQ8ofvYzAJ0fZf5k0G0yP2EsAGAcxWYjd1GplgB_CiLUe5YUD4rF7yy-FpR30YD0t8_ld6v5dtbOby0mrftU1oM3HFrVR7BPkPrItexOvUiLnp4XlYre5eJX63dnVD0OCqS3w0PLOyOtAL9frF9zZ2_tUctfqv4jcAaxshxyd9xJvvmtznMUyS2rE615KI6chywnxn1lYALkbcFg3KtV---85DVgQ7A5_Y_lHHZSSSElHrOC8XCjkNPNow_imB7qjHzirRfaWVyErJCBGD5Db0PStVIeoykGAxmnjH_91RT2MIdwEEs8pZVt9RQ_jgTGLJKP28X5UoDNKRb4RtGgUdrOIl5_cnpu9woz2gXev7J9WPT39tFG2uFFCMj9Ajt5nwGwSHMX_wCW22czjKwbApsBMROg3jwp3kLE0u0gFcX5S9o8f34Mzh5olj_W3X9ubR3BCjjlnM98Z-ZoIzPsA9XHTbkXAGNpGBfEEYykc9vjzqWAyRZWF2qH0eY8j-S4BK0xJpHeqbv14uTiBLvZIVC-6b-PRX4JjXQiLorz4Sm7YTcm6MOkxNmC8qoi636keqDPqi42JgFi8kHgs8rhH5-LG0AtcJyXlO8hvpv8pqFwnp9xw6ML-z4bW1UoVQJnJtJDnRQMAOJ5HnJHI3ipJqNU0x_KARkRrb-MWfJO9vqfYAquNFfXflU6GqJ65TDdDZsVMRfzJJnna3WkS73uJeFBO-og8rLOBFjs4v1PQ2tbMYHrPIDW59pSbTLAAU0FLccPAqdLf60Cp-1umf17uxjM78vN2E&cid=CAQSOwDICaaNw1w5-u9e_geBkUXsyvsSEXyaVE930IVBLIuCyHTOAIAAxTEEpfmIkOYLbfHaN7zqpwyeSQpsGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=12129898179925123000&adk=3690638929&idt=129&cac=0&dtd=50
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14105
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B88D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:47 GMT
expires
Wed, 22 Nov 2023 15:12:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:47 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6433 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311130101&jk=1101773278214056&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 18F3
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESELgiekW1E7F_xi7FBhQzLNo&google_cver=1&google_push=AXcoOmSdrAYRqkzKZ5psyBIpblmlLHcfAuNWqOk7z40aUdrbSD28yL3rMJy7wKaMsJT_sZxAqr2PaP1jVjZ_uQLpPmjy_zfHs6et
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855432713752&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855432713752&us_privacy=1---
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855432713752&us_privacy=1---
content-length
0
pixel
cm.g.doubleclick.net/ Frame 18F3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJm9DbEFARnkcCp4N5JO8tw&google_cver=1&google_push=AXcoOmQw3_3zY1YOfFqGPYq1j8ZY38Z_8VUJWRpf2BcHYhWe3Rxi6rFS7aajwdJQs_pziGu_nFHISEv03az0nP9i9wNZ5Wy...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw3_3zY1YOfFqGPYq1j8ZY38Z_8VUJWRpf2BcHYhWe3Rxi6rFS7aajwdJQs_pziGu_nFHISEv03az0nP9i9wNZ5WylRrE&google_hm=eS05aGtRNDJaRTJwRUdUYzZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw3_3zY1YOfFqGPYq1j8ZY38Z_8VUJWRpf2BcHYhWe3Rxi6rFS7aajwdJQs_pziGu_nFHISEv03az0nP9i9wNZ5WylRrE&google_hm=eS05aGtRNDJaRTJwRUdUYzZXUUd0SzNhak54V1VzcE0uSH5B
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 22 Nov 2023 15:12:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw3_3zY1YOfFqGPYq1j8ZY38Z_8VUJWRpf2BcHYhWe3Rxi6rFS7aajwdJQs_pziGu_nFHISEv03az0nP9i9wNZ5WylRrE&google_hm=eS05aGtRNDJaRTJwRUdUYzZXUUd0SzNhak54V1VzcE0uSH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 18F3
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESECII1k9KoU5--vZU6BMDkAw&google_cver=1&google_push=AXcoOmSu1ew0KDSfRikZYayLMW0ox_b6mYxNVcCLXskMd3_71aIsX0WdehdvowKoyvLLzYf78_TyunfT2KVnbxf7tTv_TSG...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESECII1k9KoU5--vZU6BMDkAw&google_cver=1&google_push=AXcoOmSu1ew0KDSfRikZYayLMW0ox_b6mYxNVcCLXskMd3_71aIsX0WdehdvowKoyvLLzYf78_TyunfT2KVnbxf7tTv_T...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSu1ew0KDSfRikZYayLMW0ox_b6mYxNVcCLXskMd3_71aIsX0WdehdvowKoyvLLzYf78_TyunfT2KVnbxf7tTv_TSG1a7bg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSu1ew0KDSfRikZYayLMW0ox_b6mYxNVcCLXskMd3_71aIsX0WdehdvowKoyvLLzYf78_TyunfT2KVnbxf7tTv_TSG1a7bg
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSu1ew0KDSfRikZYayLMW0ox_b6mYxNVcCLXskMd3_71aIsX0WdehdvowKoyvLLzYf78_TyunfT2KVnbxf7tTv_TSG1a7bg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 18F3 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT1JnA6gY8yy6YaBMFO8VhDsy2T0HwuXb_UYMKLwp8BtIfppY6gH1KtPWw9oCxzuvGe9lsmvjbNEP_Jqj_4KMf8P-aIJKU&google_gid=CAESEFSjMkvJ-iwW0E79vZFUUhc&google_cver=1
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:46 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
344302
expires
Wed, 22 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 18F3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEEZDk6I1CEsJ5ynPGWfdtFM&google_cver=1&google_push=AXcoOmQ0USKKtcMbXZR2rRv9glBJV77BiUs1gbKE-gpdEE0toXdeDYupCI4Z6_PpKzzANfy_NYLjcgosMUx_O...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEEZDk6I1CEsJ5ynPGWfdtFM&google_push=AXcoOmQ0USKKtcMbXZR2rRv9glBJV77BiUs1gbKE-gpdEE0toXdeDYupCI4Z6_PpKzzANfy_NYLjcgosMUx_O...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ0USKKtcMbXZR2rRv9glBJV77BiUs1gbKE-gpdEE0toXdeDYupCI4Z6_PpKzzANfy_NYLjcgosMUx_OKDWyblplnz25ec&google_hm=V216U1BtcnBIRUdpV2NBV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ0USKKtcMbXZR2rRv9glBJV77BiUs1gbKE-gpdEE0toXdeDYupCI4Z6_PpKzzANfy_NYLjcgosMUx_OKDWyblplnz25ec&google_hm=V216U1BtcnBIRUdpV2NBVWdnSWw=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQ0USKKtcMbXZR2rRv9glBJV77BiUs1gbKE-gpdEE0toXdeDYupCI4Z6_PpKzzANfy_NYLjcgosMUx_OKDWyblplnz25ec&google_hm=V216U1BtcnBIRUdpV2NBVWdnSWw=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
onetag-sys.com/match/ Frame 18F3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEN2x9GfqBLdtbyOCMHJkWjc&google_cver=1&google_push=AXcoOmQqH1THScIV4Nd6hyTYqUuYb6gg_6e4-rBGPqMToemprMdz5O487A46BAktwhe9uh8wHyGEdmDfUoS...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQqH1THScIV4Nd6hyTYqUuYb6gg_6e4-rBGPqMToemprMdz5O487A46BAktwhe9uh8wHyGEdmDfUoSCTTy80MALSkm8dWaFQQ
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 18F3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESELzBW_Skh4IQqv_kYMTB-Iw&google_cver=1&google_push=AXcoOmQIVe7mJMBJX...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESELzBW_Skh4IQqv_kYMTB-Iw%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjYzNDYzNTUxODM3NjI0NTA2Ng%3D%3D&google_gid=CAESELzBW_Skh4IQqv_kYMTB-Iw&google_cver=1&google_push=AXcoOmQIVe7mJMBJXWdABUygy-CMv2w1WI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjYzNDYzNTUxODM3NjI0NTA2Ng%3D%3D&google_gid=CAESELzBW_Skh4IQqv_kYMTB-Iw&google_cver=1&google_push=AXcoOmQIVe7mJMBJXWdABUygy-CMv2w1WIl81sN4Swh-kGbXf0qnEPvJQMq6Ow3KzuIztspdYl9yTODucS7ZpYvZkxu6kqTiYAp7-w
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
an-x-request-uuid
ebd9d139-f93d-496a-b020-72ea5a0cfaeb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjYzNDYzNTUxODM3NjI0NTA2Ng%3D%3D&google_gid=CAESELzBW_Skh4IQqv_kYMTB-Iw&google_cver=1&google_push=AXcoOmQIVe7mJMBJXWdABUygy-CMv2w1WIl81sN4Swh-kGbXf0qnEPvJQMq6Ow3KzuIztspdYl9yTODucS7ZpYvZkxu6kqTiYAp7-w
x-proxy-origin
176.10.106.5; 176.10.106.5; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 18F3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KaZBb5qdsPSI8N-y9u7Vj1-xh8wkVqsWEoKkNZXea5RelTJxe1E1ZpDRbCXj26OHfRPy_sY-8
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel.gif
ad.vidverto.io/vidverto/test/ Frame CCF0 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame D668 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 11:25:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
13648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 11:25:19 GMT
all
csm.eu.criteo.net/ Frame B331 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Wt5zaT1CH9LeVvjw4o8j7trczsZ8oGAmm0qJstuJzw3GYsYnznq57qWx3ctts51fUxOQU7cARd0K0D7nmf4VZ1mxhHXfnTrc9o9pchqXB0JLNWTTK57zd5sdXNYBdIiofbfdF3fKgUqZME2BS9aGqJ1ztJt86LYxjDFViRVywSugvija1Htcp8nlNg7Adzb1ft7H2nVdpk8I8f52YIRZySjvYjq5iTs6GZfeX8qOruBU74vUi8hWQFm8bWLN3912FYxmcw&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 22 Nov 2023 15:12:46 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B331 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Nov 2024 15:12:47 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame B331 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Nov 2024 15:12:47 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700665964093&gcd=11l1l1l1l1&dma=0&cid=1436726785.1700665964&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700665967&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&dt=%E7%BE%8E%E5%AA%92%EF%BC%9A%E4%B8%AD%E5%9C%8B%E5%9C%A8%E8%A5%BF%E8%97%8F%E4%BF%AE%E5%BB%BA%E6%96%B0%E9%98%B2%E7%A9%BA%E9%99%A3%E5%9C%B0%EF%BC%8C%E7%B4%85%E6%97%97-9%E5%B0%8E%E5%BD%88%E5%8F%AF%E8%83%BD%E9%80%B2%E9%A7%90%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=6322
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame D0ED 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
362701
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 10:27:46 GMT
expires
Sun, 17 Nov 2024 10:27:46 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0EAF 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 14:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 22 Nov 2023 15:55:28 GMT
truncated
/ Frame E3CE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:47 GMT
x-amz-request-id
HHY0NQ91R65HT3D9
age
3163
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
1aLLj3wTF6Hb4QpDejMBZ+IhqWdnyRRAZC3aa69irK3RgvzcwGvLjH/ZFc60e1UY4gUBo215H64=
x-served-by
cache-mxp6954-MXP
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1700665968.884448,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
41
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
7518
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231121-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Nov 2023 15:12:47 GMT
x-amz-request-id
A6XD77SS1CMDSM72
age
27822
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
FSxV+8Hpz/6WkleYz3xquIzHKjbgxOmYAfNkOGLdUSjKradKSM07FyoFtz+tnbwAd2b/26VZ5MQ=
x-served-by
cache-mxp6954-MXP
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700665968.884539,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
71
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
7345
480_650.mp4
cdn.vidverto.io/secured2/kJPSqs8xNULCHclbb1bjpA:1700669564/1327/video/1813/ 		36 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/kJPSqs8xNULCHclbb1bjpA:1700669564/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 22 Nov 2023 15:12:47 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4AB2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DW_r3I696HxgaO1BslllFVSsR2DEgb4CpQawDXChAmFJzjujXnjaKkgGHwRyaf4oX6i5CX9aSvgrepHe79kYDvakM39gGMKPIrCuGkkKdi9MDxmd_6pBLHP54rHAJr-Y7zybC6PePAlMOXjZUFQaiKZrlYTL6qilCTm39IbcA5Wm0BrRA&cry=1&dbm_d=AKAmf-Bl9O8Fj5F_iwbIjk0Vk_1pxqvVwuhlTfFmr9u8DHAX05jwzG5F1xRJhi4JlhJ37JZD4kraVyhfAZqzYXxQSPLaWFJ1kCWc8NEEN_pZN_mdAs7jCZ6zdjIXFXq2DnZswVJ4tRfxjQ9KPve9b-69whA-haxE25079LaKe3CDKUOCq4OioSS3-AzpxvLcjuG09utweMVcuLfUpznhvwDPW0jb69wrG8iK6CaJ4GqXTKl3c1LPL2OXUvFvGpE6Y9hcNpdJ3z5ppI4MfpeRFDXQv_M6sR9ORdNptTp44hU6rogltQ3kZXUekS3S1EPwC3zWWhk_ftYiEiIVYAKN4D_S1jFNkLjS4FUbe-B86JLuN4bLKUn2bwYq-xznMUVxXPsQoEjN40VTO3isRy9nkpKqYuWHr39wVnWk_1BMUOiqFbokm1x22jJNiiJQ5auXqkBuElsL_MIk_pl0idt_qnxvzTQEVljaureD7wDgn_afKeGIwfSiwx2zsxnXXPbu0Gs4rmCPW3UkMptDzVHYdxgQwnjRAj8sJxgmVW1RygVQ6TGTeeb6WT9V6KiBOp-sSA367DWraELX7gXDjjX6wpc47odtwYvVUSUgwurTytZj2HQGKhpqklAsW6PepjYNIiNFbbqtVpvSDt80NQTv7OXFvYKvnquI7OT5td9Gd6wrHFI-qsfIVh4DtkZvzL6xHTTrXAU_b1t61BkhWlWTgCJ47bnbqQHbZ_HkeDTZ0nyjgGLSP1Vr_KHxqLYKTAPaWvHGz2HI7GSZ2YqB1yfGnkVJvAvHGBOT-MjkoIm-vtC30EdDhqt_NoQphb-Z4rQJsqzz_SyYFRk8ox-X054nUN9F5_05jZqlkn4JnzKJMljByoAcxRVjKps0y6MMNl3Rsy_M1xTwM1l0dlSw_G75FiRegigJmdeieGcEXaNu_THJf75npdFMrQTeqENAluU2vf1EiYAoIF1x8YPqs6ZwLIB9BU3iIquebYq9qwOu_pPUl0zzlgEMfuD48mLojo7rAY3KjzF-oj1tqJrupRo0stv7vlDywTfQWvl47AfdzumzF2s7LJatoWo4Oe8yGGDFUk52-7Uti7I4hAqvOuTGZAUxeUBj_wY8RbkFORheB5kyOQCGK340qtILeIkwnJonNRezUUfnFYyjSxTMtmFYcwdh-aMFL5NPVXPlBCap-Uaf3VeGb3niIjEiUpou_eOxCdVDq3SyE46v60TOzoVMhbksPKkyo_FvQK2bZjviewqs21fkZlU1vVtV9p-eCtTmGs3wT7_Eb1X-F6TxLterSln4vcCVu2H4hngIIzrMtD_ZRklvH70tThpb4ImMuCqTx1QXkiOXOmeepwFTpuaRl7pXBTsqAVq7seUozob20Y2rjyD3yWrT7vdq5VDRyQ7hMdimWvlC_ZjvhppW45-mbljEixsfBMXYDingNvMdY7vikBraoyAnC0dy0YYRs7kI1BRPy1R5pZAXcHC2SX8Xi-cv6BLUaxae7W3uf7JIDfx4A9kUzXdirw0UW2-CZXA8JDB3vuqoJDs1HIZI0V13XHb37fRITylngHgWEJ44M-ApNY2RaVLPK3o319xDl9AGXwUjjfB5qVX0p2-DjbsItrTwZ5OMWV1UwwkfTy0OCIr_x2SMxux8iBTD1m5rOLfXoUJy0lCaBAIJgJaKAUIAV6zK9fGOjvX0mvxBpe45glITKgqUkv5eStAh_2wiTMNRDmdp3cJv6OVAVDcP7NZ5xvwoGtbzjJ8HPd9fUi6vabCpfuky5SQnhtp-cWmKTCSk8-6kzGexq3jwixbn6kfIrvn-o4FTd1GYIdIzsrFzZbmBS8pZApfcDSniCL5BXAP0BWz3yPzBHumKwU_yUjb_DSQo4yyjZ-oADBeoa2bW97ulmZQg9MHHP5T79BgYxW7RTjk2szWUc1KWB791n1VlCMeY2QOL6nxxnUtdf-KEcaLF5Bvd-TuVDOuEtZrvBVpyWszsk12Uw3IFa40qbdQnHk3IDVX_xD4P8VtncyxKbXbXj-Z7NAJdoQuA3mEPC34Xj9I22rJ2jG_UivtmILymmk9krFbY4fK05JwNuiWEb_hh-gbWRC5R7d-D2xLD6Iwb0sxUcTTYzO9Yd2Gy_ScX1VSLh5HJdav5KsEe3bEz4q40ofJx_W98KQNFZEgDjHGUyiEhnPROm_dzsitROvdsx1LGkd64LpZRk8OCbqhbp5tXkOxKHUWL21m8zwLxlsADSZXyNJI90kVdHr6IeL2I97DIr32CLWV5Xr4-jD8dbaFtV3glRXBis5U4GI1SQH7U0hkMppeO-rJNKOOZNnnzmrmX5hyJhxtxNs9oViBRQw-fivxfj7sNhVo_t_R-hFfnhWQFA-Mhb8Gltb8Nn6mgQRLYVbty7rl6tVPwlPcw7AyyHQWT5mHnzgAZN8I880qAPcybzTZ72VeN1skSvNCThTYBQTA9zGVRB2Dfuv3HrZgWtLa8n-IbhQ1Pugz1e6aVjr7te5NYIMI2duZHMt1ZwGrLGCVMQtMT9UeorNs4-4gr3vUIYe88QGIP7pN2w7x43VyL9X7e4c5Ir4GpoqzFW-NLxX6imZP3MfbRoPxiE_15giTEmhp7aI60HNFdSIwUCPTNzPiHDU2tqpujbmM0y1dSs3AhmSVB51euam2meibKZgLqywm_fBKxmucd2kpoXzvCrC469y3eGWT4G2I8Kt13Dk7stA-EUBsBl0SqzM96pEXvcT7eMEhp-R3AtrgfZRkXzg-7BmnPQFhURW8gY-svnptPrZN6otl2odTVao3aaNY2ncP44SYsovBt7czwJOB3uKXMoIFpThNzMhq0MgIieKlxlYVfVatKG4q3ohAE_5ZrNvh9oyidEbQsoETA_vfYlX-71iYD0dxN_CCtoAwKZhbVyNmKP1lQR129ifIChGYyjb-DuVi5bvOJ5yTUXXwbNeADzSN7alH27N1lyEYQ4tGlizeyK9MwbsrBWTmpMDTO8eWhfi3OY1lpvsOUvxYd5I8tkOKuC7HaO_wwmPtTJrxntHFIwFnOPN7RGS2vx-7dNK8iT_GRzDPp1tbb6efRfKo6v6Jht2RNEvpTVLJblEyVi_wDjvUYRF_Sz-vNcHJ6ixoW4aByrAeAEBp424Z397-WKTAix5NLOFsfw9BobfIGhEi4xsWCrdU1wmleFa3GctIvsqX9K5UtD7YSBx05cXU73NwQFoaLho4UeZ8Wp91teoDdT_UAd4CkUdyC7RdB4WW8KyVswAYLbpbh9CjLJcZxrNTX3eneriUQjMTCJYhAsmYppg_tn5Jk7evqp-rfhIF0JJ_nzsWO_ZFkCvym5xk-hrtdwWyygP4Vspc1A1aL_FI3qKVPkf6RJCfCPB4YIit56P_lp--ZwqqmgSWZDClWEUGrER_Nc29dtsMLDuQ8ofvYzAJ0fZf5k0G0yP2EsAGAcxWYjd1GplgB_CiLUe5YUD4rF7yy-FpR30YD0t8_ld6v5dtbOby0mrftU1oM3HFrVR7BPkPrItexOvUiLnp4XlYre5eJX63dnVD0OCqS3w0PLOyOtAL9frF9zZ2_tUctfqv4jcAaxshxyd9xJvvmtznMUyS2rE615KI6chywnxn1lYALkbcFg3KtV---85DVgQ7A5_Y_lHHZSSSElHrOC8XCjkNPNow_imB7qjHzirRfaWVyErJCBGD5Db0PStVIeoykGAxmnjH_91RT2MIdwEEs8pZVt9RQ_jgTGLJKP28X5UoDNKRb4RtGgUdrOIl5_cnpu9woz2gXev7J9WPT39tFG2uFFCMj9Ajt5nwGwSHMX_wCW22czjKwbApsBMROg3jwp3kLE0u0gFcX5S9o8f34Mzh5olj_W3X9ubR3BCjjlnM98Z-ZoIzPsA9XHTbkXAGNpGBfEEYykc9vjzqWAyRZWF2qH0eY8j-S4BK0xJpHeqbv14uTiBLvZIVC-6b-PRX4JjXQiLorz4Sm7YTcm6MOkxNmC8qoi636keqDPqi42JgFi8kHgs8rhH5-LG0AtcJyXlO8hvpv8pqFwnp9xw6ML-z4bW1UoVQJnJtJDnRQMAOJ5HnJHI3ipJqNU0x_KARkRrb-MWfJO9vqfYAquNFfXflU6GqJ65TDdDZsVMRfzJJnna3WkS73uJeFBO-og8rLOBFjs4v1PQ2tbMYHrPIDW59pSbTLAAU0FLccPAqdLf60Cp-1umf17uxjM78vN2E&cid=CAQSOwDICaaNw1w5-u9e_geBkUXsyvsSEXyaVE930IVBLIuCyHTOAIAAxTEEpfmIkOYLbfHaN7zqpwyeSQpsGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=12129898179925123000&adk=3690638929&idt=129&cac=0&dtd=50
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
421659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDY2NTk2NzUxMjE5MAogIHNlcnZlcl9pcDogMTI2MDYyMjkxCiAgcHJvY2Vzc19pZDogMTM5MzE1NDcxNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 4AB2 		0
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDY2NTk2NzUxMjE5MAogIHNlcnZlcl9pcDogMTI2MDYyMjkxCiAgcHJvY2Vzc19pZDogMTM5MzE1NDcxNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxODM3MTI0NzM3MTA2MDIwOTI5CmRlYnVnX2tleTogMTQzMjYyMzYwOTMwODQ0OTgxODkKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTIyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIwNzA1NjAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjYyNjc5MDIwOQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNTM3NTA0MwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:48 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x28672fd6d642e1070000000000000000","13":"0x88cfa75de249e6540000000000000000","14":"0x62b82d80630146db0000000000000000","15":"0xf33a4af8ea710f830000000000000000"},"debug_key":"14326236093084498189","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["11868943"]},"priority":"0","source_event_id":"1837124737106020929"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BE14 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12293
x-xss-protection
0
im-uid.js
dmp.im-apps.net/sdk/ Frame B728 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:620a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Wed, 22 Nov 2023 15:12:47 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=10800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
expires
Wed, 22 Nov 2023 18:12:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E3CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1y3TbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgTlAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmB5KvLSGpkjw9xYH75GBl1tpL7Ks3NDp9e83KI_Dk9o1EN_L1y0aOAEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA_oLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=Nb2-DtgIATE&uach_m=[UACH]&cid=CAQSOwDICaaNMg-QAMANC4T-heVhmjCRbYL6azR-01ZT4LVhoVvTYtrdWKoW7VehfmcPW7WORmv2frB--rxCGAE&cbvp=2&vis=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame E3CE 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kaqtEY_MXKwC-gGdg2ICAgAAAM4NWHBeXFzh8KlCbxBuGl5lvfENdCV-e4ZdawAAEgAACgpBUVVCQVFFQkFR&wp=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:48 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
166141
server
Kestrel
content-length
0
29okurnprew3
hal9000.redintelligence.net/zone/ Frame 4AB2 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/29okurnprew3?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKf3NbhpeZaZGk4GO7A_lo6G4C5HB0Jtpm-iDktwP8C4QASC6hMAzYPWFgID8A8gBCakC1KYofuhIsj6oAwHIA5sEqgScAk_QUV-M58sfJ5j_JLw2q4pPPsS5yq8TdNG0n013wVk2QyBt0Ck6LUG_GGbny3a0L582i2Q5imyEK36qJQM8LdQiLliuM3yt9FDuQ8xOTWd0WWtsG7kbre2Yy58dC5BbfN_Mavi2-mxG6IrWIM1y_4XSSnJgMEwk-X6cynnkFHN-CC79uM1YguyDJ2PbYjdydWl6Kerj_YoT4AQHHc0KysZAwddBP6hRBPoJs3U3QsnXC6Hr1Sw-W80rE2WRAh2jIRhv42Hoxdiajin8u3YN4fE_qlmeBjUJ53LefuO2oGXGH2VbUMhwrLhAHMIAzkFSyrWd8yzAmL5OrPQIFELlKMroHWP2RiSBdkG2pD7P1KtsKyYO9pP7beZiAK6rwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQK7u7ECqg0CQ0jiDRMI_feitvLXggMVk4CDBx3lUQi3sBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNw1w5-u9e_geBkUXsyvsSEXyaVE930IVBLIuCyHTOAIAAxTEEpfmIkOYLbfHaN7zqpwyeSQpsGAE%26sig%3DAOD64_2mhcWr6OnasuH7W5FPypuYD_Zf1A%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-A3iqFlEJycjUikJJhKUZ66Qqsjat3dwJJisg5MagNyPxgbjG2cEICgyep5uqKtn8zHt4xz4hZ1cG589oce-7r-KjlUbfmq-phRWSMVqjgBEPh-Uii2NYu7Pk7N_RKONj1RwFTEHs9lxV9_QE3FJgGR-YmE_6AVc_f9dOsoyECy5WI1Rus%26cry%3D1%26dbm_d%3DAKAmf-Au_J3ecuZPV1r-t7PvKRG-375EQVG_PgnA5fhoKR3UWDc8e7gmDan5B-EfZJ1e_QKChsIn3ucBgtjBC9huTtH5c1VKrCNaJPB3b_0tbWwD3bAlYzRJiU442C-BcjDegx-6vVnTizxlg3VfJ7D0eLAMpzaPSg2KB95vqswZkMzYDSJj9cYgGgOLCkMRNOX9OTOLkKQcF8BCA4HwHLAEQkeLbTS6aR0YsUH7h6EXHijEan9mZbXFAi0CpQIzY9y6PnxY-PoIVoGGaJSxJWa-as4n0EFnp2z7dvCH6fHtfggEY4l7vF1xjLSl-ItXzQ96Hv0FastB7h0A2N0z7ECmjedOSIxOhTwQPY0dLovH6F0ir90ZemwIYlwwxPQDl9D993Ma8PDmlle1vNIDTnuZh91HLISoRO28wvMcQtwnIClWq5bKjGfj--ELec-Paa0iP61L4VjmW_k7loc79JFZqDYJzEH8OMHrpusl78SPBvwPOPoLtW8UZBXapIz5AcAkv6at5mNnQdjY0o6BiVqMGKGmyjrbzssvhTbVBNHLiyTKt_kKw9pCMwllpWkuUI3O3Kh3A5vGrxT_Z0Jizz-sk5GmqZyhSUc3TU-5WzpNGTJr9qiJEAXykhLx1g4Nch-AO55MgUpt5oReRNlICLrnvTYf1nxhtf2hdcU3FMi5YAebOOh-Pio%26adurl%3D
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 15:12:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4335
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame 89B1 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700665965&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700665965344&bpp=161&bdt=696&idt=521&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&correlator=1519949213336&frm=23&ife=1&pv=2&ga_vid=1436726785.1700665964&ga_sid=1700665966&ga_hid=619536653&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2312&biw=1600&bih=1200&isw=336&ish=280&ifk=464169405&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079605%2C31079759%2C31078297%2C31079653%2C44807763%2C44808149%2C44808285%2C44809054%2C318512601&oid=2&pvsid=4418162728053194&tmod=192479867&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.2sfu9bnx6tw3&btvi=1&fsb=1&dtd=536
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 07:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
372917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14900
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 07:37:31 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Nov 2023 15:12:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BE14 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 15:12:48 GMT
/
pips.taboola.com/ 		4 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6945-MXP
date
Wed, 22 Nov 2023 15:12:48 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 840B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
324783
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
get
audiencedata.im-apps.net/imuid/ Frame B728 		10 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HFVSEHHEXMGF4HGPX9Y4V626
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Wed, 22 Nov 2023 15:12:48 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=9df74202-fa6b-4322-99ca-412f3796252c-tuctc579fed&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 22 Nov 2023 15:12:48 GMT
cache-control
no-store
server
nginx
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 23 Nov 2023 15:12:48 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame D0ED 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3422756810114795&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FkJPSqs8xNULCHclbb1bjpA%3A1700669564%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=88F68445-8154-41F6-83AC-658FE28AFC61&nel=0&eid=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806733&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html&dt=1700665968259&cookie=ID%3D57d39fd3944ed3a0%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MaZI5tWBugZrEViW7kjUThDGESelw&gpic=UID%3D00000cd86788a77f%3AT%3D1700665964%3ART%3D1700665964%3AS%3DALNI_MbBu0y10LH2vFNNIoRXaKQXmwDgwQ&scor=2234568347825649&ged=ve4_td4_tt2_pd4_la4000_er742.400.743.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal900024.redintelligence.net/ Frame 4AB2
Redirect Chain
  • https://hal900024.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=67dfd4f96e&subid=&uid=e4e6fccdabd8cd35&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900024.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=67dfd4f96e&subid=&uid=e4e6fccdabd8cd35&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=67dfd4f96e&subid=&uid=e4e6fccdabd8cd35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKf3NbhpeZaZGk4GO7A_lo6G4C5HB0Jtpm-iDktwP8C4QASC6hMAzYPWFgID8A8gBCakC1KYofuhIsj6oAwHIA5sEqgScAk_QUV-M58sfJ5j_JLw2q4pPPsS5yq8TdNG0n013wVk2QyBt0Ck6LUG_GGbny3a0L582i2Q5imyEK36qJQM8LdQiLliuM3yt9FDuQ8xOTWd0WWtsG7kbre2Yy58dC5BbfN_Mavi2-mxG6IrWIM1y_4XSSnJgMEwk-X6cynnkFHN-CC79uM1YguyDJ2PbYjdydWl6Kerj_YoT4AQHHc0KysZAwddBP6hRBPoJs3U3QsnXC6Hr1Sw-W80rE2WRAh2jIRhv42Hoxdiajin8u3YN4fE_qlmeBjUJ53LefuO2oGXGH2VbUMhwrLhAHMIAzkFSyrWd8yzAmL5OrPQIFELlKMroHWP2RiSBdkG2pD7P1KtsKyYO9pP7beZiAK6rwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQK7u7ECqg0CQ0jiDRMI_feitvLXggMVk4CDBx3lUQi3sBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNw1w5-u9e_geBkUXsyvsSEXyaVE930IVBLIuCyHTOAIAAxTEEpfmIkOYLbfHaN7zqpwyeSQpsGAE%26sig%3DAOD64_2mhcWr6OnasuH7W5FPypuYD_Zf1A%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-A3iqFlEJycjUikJJhKUZ66Qqsjat3dwJJisg5MagNyPxgbjG2cEICgyep5uqKtn8zHt4xz4hZ1cG589oce-7r-KjlUbfmq-phRWSMVqjgBEPh-Uii2NYu7Pk7N_RKONj1RwFTEHs9lxV9_QE3FJgGR-YmE_6AVc_f9dOsoyECy5WI1Rus%26cry%3D1%26dbm_d%3DAKAmf-Au_J3ecuZPV1r-t7PvKRG-375EQVG_PgnA5fhoKR3UWDc8e7gmDan5B-EfZJ1e_QKChsIn3ucBgtjBC9huTtH5c1VKrCNaJPB3b_0tbWwD3bAlYzRJiU442C-BcjDegx-6vVnTizxlg3VfJ7D0eLAMpzaPSg2KB95vqswZkMzYDSJj9cYgGgOLCkMRNOX9OTOLkKQcF8BCA4HwHLAEQkeLbTS6aR0YsUH7h6EXHijEan9mZbXFAi0CpQIzY9y6PnxY-PoIVoGGaJSxJWa-as4n0EFnp2z7dvCH6fHtfggEY4l7vF1xjLSl-ItXzQ96Hv0FastB7h0A2N0z7ECmjedOSIxOhTwQPY0dLovH6F0ir90ZemwIYlwwxPQDl9D993Ma8PDmlle1vNIDTnuZh91HLISoRO28wvMcQtwnIClWq5bKjGfj--ELec-Paa0iP61L4VjmW_k7loc79JFZqDYJzEH8OMHrpusl78SPBvwPOPoLtW8UZBXapIz5AcAkv6at5mNnQdjY0o6BiVqMGKGmyjrbzssvhTbVBNHLiyTKt_kKw9pCMwllpWkuUI3O3Kh3A5vGrxT_Z0Jizz-sk5GmqZyhSUc3TU-5WzpNGTJr9qiJEAXykhLx1g4Nch-AO55MgUpt5oReRNlICLrnvTYf1nxhtf2hdcU3FMi5YAebOOh-Pio%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9784680092510&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
83486300101444504438466012516024
Connection
close
Content-Length
330
Expires
Wed, 22 Nov 2023 15:12:48 +0100

Redirect headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=67dfd4f96e&subid=&uid=e4e6fccdabd8cd35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKf3NbhpeZaZGk4GO7A_lo6G4C5HB0Jtpm-iDktwP8C4QASC6hMAzYPWFgID8A8gBCakC1KYofuhIsj6oAwHIA5sEqgScAk_QUV-M58sfJ5j_JLw2q4pPPsS5yq8TdNG0n013wVk2QyBt0Ck6LUG_GGbny3a0L582i2Q5imyEK36qJQM8LdQiLliuM3yt9FDuQ8xOTWd0WWtsG7kbre2Yy58dC5BbfN_Mavi2-mxG6IrWIM1y_4XSSnJgMEwk-X6cynnkFHN-CC79uM1YguyDJ2PbYjdydWl6Kerj_YoT4AQHHc0KysZAwddBP6hRBPoJs3U3QsnXC6Hr1Sw-W80rE2WRAh2jIRhv42Hoxdiajin8u3YN4fE_qlmeBjUJ53LefuO2oGXGH2VbUMhwrLhAHMIAzkFSyrWd8yzAmL5OrPQIFELlKMroHWP2RiSBdkG2pD7P1KtsKyYO9pP7beZiAK6rwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQK7u7ECqg0CQ0jiDRMI_feitvLXggMVk4CDBx3lUQi3sBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNw1w5-u9e_geBkUXsyvsSEXyaVE930IVBLIuCyHTOAIAAxTEEpfmIkOYLbfHaN7zqpwyeSQpsGAE%26sig%3DAOD64_2mhcWr6OnasuH7W5FPypuYD_Zf1A%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-A3iqFlEJycjUikJJhKUZ66Qqsjat3dwJJisg5MagNyPxgbjG2cEICgyep5uqKtn8zHt4xz4hZ1cG589oce-7r-KjlUbfmq-phRWSMVqjgBEPh-Uii2NYu7Pk7N_RKONj1RwFTEHs9lxV9_QE3FJgGR-YmE_6AVc_f9dOsoyECy5WI1Rus%26cry%3D1%26dbm_d%3DAKAmf-Au_J3ecuZPV1r-t7PvKRG-375EQVG_PgnA5fhoKR3UWDc8e7gmDan5B-EfZJ1e_QKChsIn3ucBgtjBC9huTtH5c1VKrCNaJPB3b_0tbWwD3bAlYzRJiU442C-BcjDegx-6vVnTizxlg3VfJ7D0eLAMpzaPSg2KB95vqswZkMzYDSJj9cYgGgOLCkMRNOX9OTOLkKQcF8BCA4HwHLAEQkeLbTS6aR0YsUH7h6EXHijEan9mZbXFAi0CpQIzY9y6PnxY-PoIVoGGaJSxJWa-as4n0EFnp2z7dvCH6fHtfggEY4l7vF1xjLSl-ItXzQ96Hv0FastB7h0A2N0z7ECmjedOSIxOhTwQPY0dLovH6F0ir90ZemwIYlwwxPQDl9D993Ma8PDmlle1vNIDTnuZh91HLISoRO28wvMcQtwnIClWq5bKjGfj--ELec-Paa0iP61L4VjmW_k7loc79JFZqDYJzEH8OMHrpusl78SPBvwPOPoLtW8UZBXapIz5AcAkv6at5mNnQdjY0o6BiVqMGKGmyjrbzssvhTbVBNHLiyTKt_kKw9pCMwllpWkuUI3O3Kh3A5vGrxT_Z0Jizz-sk5GmqZyhSUc3TU-5WzpNGTJr9qiJEAXykhLx1g4Nch-AO55MgUpt5oReRNlICLrnvTYf1nxhtf2hdcU3FMi5YAebOOh-Pio%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9784680092510&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 22 Nov 2023 15:12:48 +0100
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4A7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
67656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 20:25:12 GMT
expires
Wed, 20 Nov 2024 20:25:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2E89 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b4fQWbtBJxmJ8GfemJ6bRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-b4fQWbtBJxmJ8GfemJ6bRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 15:12:48 GMT
expires
Wed, 22 Nov 2023 15:12:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 840B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 11:25:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
13649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 11:25:19 GMT
csi
csi.gstatic.com/ Frame D0ED 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp9wlvab&c=1519949213336&slotId=759974606668&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D668 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?opRPEQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame A4A7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 11:25:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
13649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 11:25:19 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar
pagead2.googlesyndication.com/pagead/ Frame 2E89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=4418162728053194&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/kJPSqs8xNULCHclbb1bjpA:1700669564/1327/video/1813/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/kJPSqs8xNULCHclbb1bjpA:1700669564/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.243.37 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-243-37.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=229376-

Response headers

Date
Wed, 22 Nov 2023 15:12:48 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 229376-17211103/17211104
Connection
keep-alive
Content-Length
16981728
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 22 Nov 2023 15:12:48 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
199224
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
197559
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 15:12:48 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Fri, 22 Dec 2023 15:12:48 GMT
checksync.php
contextual.media.net/ Frame DFA1 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.208.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8528
content-type
text/html; charset=UTF-8
date
Wed, 22 Nov 2023 15:12:49 GMT
expires
Fri, 24 Nov 2023 15:12:49 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame ACEC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
23703
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 22 Nov 2023 15:12:49 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2151, 99170
X-Served-By
cache-lga13626-LGA, cache-mxp6960-MXP
X-Timer
S1700665969.114889,VS0,VE0
pd
adpushup-d.openx.net/w/1.0/ Frame A661
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
417
content-type
text/html
date
Wed, 22 Nov 2023 15:12:49 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 22 Nov 2023 15:12:49 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
/
onetag-sys.com/usync/ Frame 212F 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700665965483
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame 3CE4 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.10 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
23143
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 22 Nov 2023 08:47:07 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-id
2OueHGQj5jA2CHixzRUwbVKydjnJB3Xwup8hIThdmEEBy3iWEgtuUQ==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
/
csync.smilewanted.com/ Frame E65D 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82a21ce24e000e4b-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 22 Nov 2023 15:12:49 GMT
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 58AF 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Nov 2023 15:12:49 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame A93F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 22 Nov 2023 15:12:48 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
ixmatch.html
js-sec.indexww.com/um/ Frame 3DD9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
843
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82a21ce2dfb523df-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 22 Nov 2023 15:12:49 GMT
expires
Wed, 22 Nov 2023 19:12:49 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 5ECC 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 22 Nov 2023 15:12:49 GMT
/
onetag-sys.com/usync/ Frame A36D 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700665965351
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
activeview
pagead2.googlesyndication.com/pcs/ Frame E3CE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqgcDI2eiBr1u-HP9fwI-DR2HUdqUJXPcjHTdxvyfg2EubIXxho0buKjfaedYtE4xgQAk6N8s7nxp4BWX_nAMNjwukRitgT26jzDEyBGu_KTeN1YOR&sig=Cg0ArKJSzOBOFWG978R_EAE&id=lidar2&mcvt=1170&p=60,450,310,750&mtos=1170,1170,1170,1170,1170&tos=1170,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700665966636&rpt=1181&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame B331 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Wt5zaT1CH9LeVvjw4o8j7trczsZ8oGAmm0qJstuJzw3GYsYnznq57qWx3ctts51fUxOQU7cARd0K0D7nmf4VZ1mxhHXfnTrc9o9pchqXB0JLNWTTK57zd5sdXNYBdIiofbfdF3fKgUqZME2BS9aGqJ1ztJt86LYxjDFViRVywSugvija1Htcp8nlNg7Adzb1ft7H2nVdpk8I8f52YIRZySjvYjq5iTs6GZfeX8qOruBU74vUi8hWQFm8bWLN3912FYxmcw&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZV4abgAD6qMHg6PdAAE-AfqjGxl2zoQ1UYeolw&u=%7CEDj0M0QxehazKZbHlT12OZB9OW8dH8%2B9C3fOh89cQyA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplYhTIhsisz7L-Dkk9hHESOVcIXnNqaBp7zLFfdnJX654tuDN6Tm8a8xA7-fDn5tW_zL5Q-RrviIO44dVIB9xXqED9HMVSA3MfaBsSKAm0I8Kr8fsQItkHDzZqiI2iqoxBkghiaJYGgNnMT_2X2WzAspomhoALu-3Ia3Y6OLBjv729njGYDeHxUybM9-D8K8j4cr-psWx4VcrRlfIS-nlgYCWJE3x2CVGZMUT4vfUgB6ymHtrPfHh9YjJR1tPafzf1mqgTvGmu5-jRqA4XRQvH1zQ2tsHl6VYIZGNQm6CwgA1AtaHdigYlJjMKmMVox3J8rZYMkITyABwOaoTFKt_JQ3nVFxudsdX6TPRcZBLwmfIYwyZMWjUaSrNcy6t1gHIkNBhD6QRxVpLXq-8KYAtx-Ox1UkZl9mNJwEjMPkNeCOq_5rm1EkPv5U8FofaaE7tcqnIl1hmGKQ3K30TlXJXI2qxbOusSnzcbuqJ9Zaaszjxwtl2uKGVhJxbc911-H4GbTf7TVFRAuivmR3Vi5swQSg11LK4rm9YEtQlSO3blcveok1uJkpThutQbr9_Kmdu7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaYyIbhpeZaPVD93HjuwPgfyEkAHJntKxXNWdkfdwwI23ARABIABg9YWAgPwDggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAtSmKH7oSLI-4AIAqAMByAMCqgToAk_QGOhghUkxxGpftYNWik3Z59Aj20PAjpK_MoSYc743M12sHItpt5HBK71ndvd5rKU75D9mm1WllmF4WqXNfbDmZrpZy6RiASCyRuWYzFvRJOxHO8qgPAJ3jCb0-Sw0esZKK8UFZCPVHc1rbPFLLeWLnqdjE_7-k1a50BvSfCDwXqoSJJCW4407_zCCbF6OTMfXdaQV0hWhZnN_Iy6oxbSJxjPoeNONlbUBaNdNYRlNoiW35z_28LIUrtJwCsUpfrONWK1hcQybS28_Oyv3es1J6yOt1y9ga8G1LyPzgIlK_N-daEORawJaoBxFBUOcm0FyUV8b9js-Msea7kmtgG9VZ1ro88pmRB63fK4o8TswaEOX_IxxtLBNML9Yh37EzrH9qDue7ztWkaC0iCiFi14ErrvNS_nVs8Nc4UwvYmA7KNNAmgrz_nqIOGTKJrTJqpnABXltv1UIFJ-Z_PB2-Fvn5ciUgZbjO-AEAYAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MPoLAggBgAwB4g0TCPuGo7by14IDFd2jgwcdAT4BEtAVAYAXAQ%26num%3D1%26sig%3DAOD64_2lKnMB0R8q6jQMAes0ef43MNvXRg%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 22 Nov 2023 15:12:48 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
request_content.php
hal900024.redintelligence.net/ Frame 7FD6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/request_content.php?s=83486300101444504438466012516024&a=0a0d8026
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=29okurnprew3&nw=20&renderingType=javascript&namespace=67dfd4f96e&subid=&uid=e4e6fccdabd8cd35&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKf3NbhpeZaZGk4GO7A_lo6G4C5HB0Jtpm-iDktwP8C4QASC6hMAzYPWFgID8A8gBCakC1KYofuhIsj6oAwHIA5sEqgScAk_QUV-M58sfJ5j_JLw2q4pPPsS5yq8TdNG0n013wVk2QyBt0Ck6LUG_GGbny3a0L582i2Q5imyEK36qJQM8LdQiLliuM3yt9FDuQ8xOTWd0WWtsG7kbre2Yy58dC5BbfN_Mavi2-mxG6IrWIM1y_4XSSnJgMEwk-X6cynnkFHN-CC79uM1YguyDJ2PbYjdydWl6Kerj_YoT4AQHHc0KysZAwddBP6hRBPoJs3U3QsnXC6Hr1Sw-W80rE2WRAh2jIRhv42Hoxdiajin8u3YN4fE_qlmeBjUJ53LefuO2oGXGH2VbUMhwrLhAHMIAzkFSyrWd8yzAmL5OrPQIFELlKMroHWP2RiSBdkG2pD7P1KtsKyYO9pP7beZiAK6rwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgdMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA5gLAcgLAYAMAaIMFCoSChDktLEC7rWxArW4sQK7u7ECqg0CQ0jiDRMI_feitvLXggMVk4CDBx3lUQi3sBOVtdEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSOwDICaaNw1w5-u9e_geBkUXsyvsSEXyaVE930IVBLIuCyHTOAIAAxTEEpfmIkOYLbfHaN7zqpwyeSQpsGAE%26sig%3DAOD64_2mhcWr6OnasuH7W5FPypuYD_Zf1A%26client%3Dca-pub-8933329999391104%26dbm_c%3DAKAmf-A3iqFlEJycjUikJJhKUZ66Qqsjat3dwJJisg5MagNyPxgbjG2cEICgyep5uqKtn8zHt4xz4hZ1cG589oce-7r-KjlUbfmq-phRWSMVqjgBEPh-Uii2NYu7Pk7N_RKONj1RwFTEHs9lxV9_QE3FJgGR-YmE_6AVc_f9dOsoyECy5WI1Rus%26cry%3D1%26dbm_d%3DAKAmf-Au_J3ecuZPV1r-t7PvKRG-375EQVG_PgnA5fhoKR3UWDc8e7gmDan5B-EfZJ1e_QKChsIn3ucBgtjBC9huTtH5c1VKrCNaJPB3b_0tbWwD3bAlYzRJiU442C-BcjDegx-6vVnTizxlg3VfJ7D0eLAMpzaPSg2KB95vqswZkMzYDSJj9cYgGgOLCkMRNOX9OTOLkKQcF8BCA4HwHLAEQkeLbTS6aR0YsUH7h6EXHijEan9mZbXFAi0CpQIzY9y6PnxY-PoIVoGGaJSxJWa-as4n0EFnp2z7dvCH6fHtfggEY4l7vF1xjLSl-ItXzQ96Hv0FastB7h0A2N0z7ECmjedOSIxOhTwQPY0dLovH6F0ir90ZemwIYlwwxPQDl9D993Ma8PDmlle1vNIDTnuZh91HLISoRO28wvMcQtwnIClWq5bKjGfj--ELec-Paa0iP61L4VjmW_k7loc79JFZqDYJzEH8OMHrpusl78SPBvwPOPoLtW8UZBXapIz5AcAkv6at5mNnQdjY0o6BiVqMGKGmyjrbzssvhTbVBNHLiyTKt_kKw9pCMwllpWkuUI3O3Kh3A5vGrxT_Z0Jizz-sk5GmqZyhSUc3TU-5WzpNGTJr9qiJEAXykhLx1g4Nch-AO55MgUpt5oReRNlICLrnvTYf1nxhtf2hdcU3FMi5YAebOOh-Pio%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=9784680092510&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2287
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Nov 2023 15:12:49 GMT
Expires
Wed, 22 Nov 2023 15:12:49 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 58AF 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 15:12:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Nov 2023 23:36:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=30199
Connection
keep-alive
Content-Length
13230
Expires
Wed, 22 Nov 2023 23:36:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BBF4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
20854
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 09:25:15 GMT
etag
48472445140208031
expires
Thu, 23 Nov 2023 09:25:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4AB2 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame A661
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=T5hJsEjMSrFUzErnS85RtE_OGLRUlR3sSp7LbDq8
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=T5hJsEjMSrFUzErnS85RtE_OGLRUlR3sSp7LbDq8
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=T5hJsEjMSrFUzErnS85RtE_OGLRUlR3sSp7LbDq8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame A661
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7623712943744125039
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7623712943744125039
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7623712943744125039
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame A661 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=7cfc1ae4-06cc-8a6a-bb6b-6e708d5cb346
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DQ3DAEFTKS7RFJWW3WCN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame A661 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=242a6699-1a66-3190-7b65-ece7e56f78a6&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:49 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame A661 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDg0NWI1NTMtZDMxMS02ZjM0LTZlODUtYjY1ZTJmOGRiNmM2
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A661
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIcauerdYAs-6wpXFIpdj5E&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIcauerdYAs-6wpXFIpdj5E&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIcauerdYAs-6wpXFIpdj5E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 7FD6 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=83486300101444504438466012516024&a=0a0d8026
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:34:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
380296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 05:34:33 GMT
S-970x90.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 7FD6 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-970x90.gif
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=83486300101444504438466012516024&a=0a0d8026
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.75.147.170 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900024.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 15:12:49 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:53 GMT
Server
nginx
ETag
"5b55f219-5fce"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
24526
csi
csi.gstatic.com/ Frame D0ED 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp9wlvqi&c=1519949213336&slotId=759974606668&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44806733
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame ACEC 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
an-x-request-uuid
0d18acbb-f36b-468c-8b81-2c37be0af3f0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.10.106.5; 176.10.106.5; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CF2F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82a21ce58b6f0208-ZRH
content-encoding
br
content-type
text/html
date
Wed, 22 Nov 2023 15:12:49 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0oK3dUw%2BODyN58gSYiWSn7F5KNjRxrZ79W2g69hvqR8e9ymWhrosx6cMc%2B7YOXU3Pan5vMItPhwHgoc%2BH5SWLvNTSZuzAOaLQ2bPbgLDDXsegRg9qs%2FlZSHeRHUwEeAx34jfAdqiJYYkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame EABD 		0
0
/
onetag-sys.com/usync/ Frame C69C 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 3A1E 		0
0
usermatch
ssum-sec.casalemedia.com/ Frame E9A6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82a21ce6aa2d01eb-ZRH
content-encoding
br
content-type
text/html
date
Wed, 22 Nov 2023 15:12:49 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RNH3tmLXwJDfnQRlMKzb%2F%2BnGLTWAhlJaMQp4MMKw6LevlsM%2Fy%2FISvV20agJ9O49ooW8LX9T9PcucQCU7cITd5SksQa7wKraxbYfk8JjUZrmFkwTK%2F3CFpRKtp%2B%2Bkj7flnAhbg%2BqqB5urw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 15F3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Nov 2023 15:12:49 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 22 Nov 2023 15:12:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0393 		0
0
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame AD89 		0
0
user-sync
sync.adkernel.com/ Frame D5E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Wed, 22 Nov 2023 15:12:49 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame F74C 		0
0
sync
ads.servenobid.com/ Frame 3CE4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6634635518376245066
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6634635518376245066
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
an-x-request-uuid
787d1d13-a037-4aa6-a2b4-33e336e1547e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=6634635518376245066
x-proxy-origin
176.10.106.5; 176.10.106.5; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 3CE4
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HswwvRZHBCPRWlXBSX-7sPqr
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HswwvRZHBCPRWlXBSX-7sPqr
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HswwvRZHBCPRWlXBSX-7sPqr
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 3CE4 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 22 Nov 2023 15:12:49 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
ad.turn.com/r/ Frame 3CE4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1700665969962
  • https://ad.turn.com/r/cs?pid=45&rndcb=4841029381
0
0
sync
ads.servenobid.com/ Frame 3CE4
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5133329528946304826
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5133329528946304826
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5133329528946304826
Date
Wed, 22 Nov 2023 15:12:49 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 3CE4 		0
0
sync
ads.servenobid.com/ Frame 3CE4
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Wed, 22 Nov 2023 15:12:48 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 3CE4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-s3z6PZhE2uHY0l2ipW.mkcPr8EzzaScKmuJHN48-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-s3z6PZhE2uHY0l2ipW.mkcPr8EzzaScKmuJHN48-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-s3z6PZhE2uHY0l2ipW.mkcPr8EzzaScKmuJHN48-~A
date
Wed, 22 Nov 2023 15:12:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
redirectuser
ssp.disqus.com/ Frame 3CE4 		0
0
sync
ads.servenobid.com/ Frame 3CE4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-s3z6PZhE2uHY0l2ipW.mkcPr8EzzaScKmuJHN48-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-s3z6PZhE2uHY0l2ipW.mkcPr8EzzaScKmuJHN48-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:49 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-s3z6PZhE2uHY0l2ipW.mkcPr8EzzaScKmuJHN48-~A
date
Wed, 22 Nov 2023 15:12:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 3CE4 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.133.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-133-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:49 GMT
sync
ads.servenobid.com/ Frame 3CE4
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
54.171.91.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-91-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Wed, 22 Nov 2023 15:12:49 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Wed, 22 Nov 2023 15:12:49 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame E65D 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1852119
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
82a21ce66d7a0e4b-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame BBF4 		0
0
pixel
cm.g.doubleclick.net/ Frame BBF4
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEOOA9_9yYRQbcdhbw5ABJqM&google_cver=1&google_push=AXcoOmS2L5YJi9Ka3WBrnp-Od9H9LH8JbNeV_7kXAG9xaXuf3-cvPNXOv-hxzDiZQPwHDRUtNs9Cb...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS2L5YJi9Ka3WBrnp-Od9H9LH8JbNeV_7kXAG9xaXuf3-cvPNXOv-hxzDiZQPwHDRUtNs9CbXp2FisqFf7BDqYNZGouAogI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS2L5YJi9Ka3WBrnp-Od9H9LH8JbNeV_7kXAG9xaXuf3-cvPNXOv-hxzDiZQPwHDRUtNs9CbXp2FisqFf7BDqYNZGouAogI
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 22 Nov 2023 15:12:49 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 99C274A7D1744985BD796F02E2792A97 Ref B: ZRHEDGE1414 Ref C: 2023-11-22T15:12:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS2L5YJi9Ka3WBrnp-Od9H9LH8JbNeV_7kXAG9xaXuf3-cvPNXOv-hxzDiZQPwHDRUtNs9CbXp2FisqFf7BDqYNZGouAogI
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKvycCvf13eIFOZ2PdHw==
pixel
cm.g.doubleclick.net/ Frame BBF4
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELoqXAcoHoyBNn8lPBajbgU&google_cver=1&google_push=AXcoOmSybnfmHzQbczRqcwb6Wav3lmX8ZCNBudzpJnz-493tzUx6CuIfTVUQ_Gyqfis8z4GTJpCLTsRWNMZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSybnfmHzQbczRqcwb6Wav3lmX8ZCNBudzpJnz-493tzUx6CuIfTVUQ_Gyqfis8z4GTJpCLTsRWNMZMCRgRgCehWXsKJ84n&google_hm=uPoi-aXLT1eR5JgcMear5AU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSybnfmHzQbczRqcwb6Wav3lmX8ZCNBudzpJnz-493tzUx6CuIfTVUQ_Gyqfis8z4GTJpCLTsRWNMZMCRgRgCehWXsKJ84n&google_hm=uPoi-aXLT1eR5JgcMear5AU
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSybnfmHzQbczRqcwb6Wav3lmX8ZCNBudzpJnz-493tzUx6CuIfTVUQ_Gyqfis8z4GTJpCLTsRWNMZMCRgRgCehWXsKJ84n&google_hm=uPoi-aXLT1eR5JgcMear5AU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BBF4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJm9DbEFARnkcCp4N5JO8tw&google_cver=1&google_push=AXcoOmSKQxqCMTtNKxhykkBjWSEgQ63XvMiSQGGpgK_tEkbpygFCS32G3rWL4QGHJRIwkg7E-k9OQdsq6Hk7cdTwDhxpRDQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSKQxqCMTtNKxhykkBjWSEgQ63XvMiSQGGpgK_tEkbpygFCS32G3rWL4QGHJRIwkg7E-k9OQdsq6Hk7cdTwDhxpRDQr3FQ&google_hm=eS05aGtRNDJaRTJwRUdUYzZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSKQxqCMTtNKxhykkBjWSEgQ63XvMiSQGGpgK_tEkbpygFCS32G3rWL4QGHJRIwkg7E-k9OQdsq6Hk7cdTwDhxpRDQr3FQ&google_hm=eS05aGtRNDJaRTJwRUdUYzZXUUd0SzNhak54V1VzcE0uSH5B
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 22 Nov 2023 15:12:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSKQxqCMTtNKxhykkBjWSEgQ63XvMiSQGGpgK_tEkbpygFCS32G3rWL4QGHJRIwkg7E-k9OQdsq6Hk7cdTwDhxpRDQr3FQ&google_hm=eS05aGtRNDJaRTJwRUdUYzZXUUd0SzNhak54V1VzcE0uSH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame BBF4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKfayzPiv36SxA0DGe4GMys&google_cver=1&google_push=AXcoOmTxyjEcOSMiE6h9SwJo30ywogx4xx1VxRCUHO44M37D88ZP0WAY5BvWmHQ2iloi5lu7j3WwcYaA...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKfayzPiv36SxA0DGe4GMys&google_cver=1&google_push=AXcoOmTxyjEcOSMiE6h9SwJo30ywogx4xx1VxRCUHO44M37D88ZP0WAY5BvWmHQ2iloi5lu7j3W...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NTQxNjE0NjA5NDg0NzM5NA&google_push=AXcoOmTxyjEcOSMiE6h9SwJo30ywogx4xx1VxRCUHO44M37D88ZP0WAY5BvWmHQ2iloi5lu7j3WwcY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NTQxNjE0NjA5NDg0NzM5NA&google_push=AXcoOmTxyjEcOSMiE6h9SwJo30ywogx4xx1VxRCUHO44M37D88ZP0WAY5BvWmHQ2iloi5lu7j3WwcYaAc9aldavKYoE9YANqALSU
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTQ4NTQxNjE0NjA5NDg0NzM5NA&google_push=AXcoOmTxyjEcOSMiE6h9SwJo30ywogx4xx1VxRCUHO44M37D88ZP0WAY5BvWmHQ2iloi5lu7j3WwcYaAc9aldavKYoE9YANqALSU
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame BBF4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN2x9GfqBLdtbyOCMHJkWjc&google_cver=1&google_push=AXcoOmSoxlhHA8CkK-6iksbBK93mm5Vx4H_NYd79oGzyYvADSjF28AfNj90zdPmxmxki0oZ8Dl_YpAPsrX42...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSoxlhHA8CkK-6iksbBK93mm5Vx4H_NYd79oGzyYvADSjF28AfNj90zdPmxmxki0oZ8Dl_YpAPsrX42jpMKnssyiP66fY2L
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSoxlhHA8CkK-6iksbBK93mm5Vx4H_NYd79oGzyYvADSjF28AfNj90zdPmxmxki0oZ8Dl_YpAPsrX42jpMKnssyiP66fY2L
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSoxlhHA8CkK-6iksbBK93mm5Vx4H_NYd79oGzyYvADSjF28AfNj90zdPmxmxki0oZ8Dl_YpAPsrX42jpMKnssyiP66fY2L
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame BBF4
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQHACVu5ml0N-VNMQ5tp3zB4YtbipSfMtzo3HGHIGZYJZfOdpNZ-LA_PJCX9okfIjugevL5x-GuF8MvuUr9wPMw4VbKe_Hz&google_gid=CAESEOVWPg7WhzIEo...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVWPg7WhzIEoLF_QRR50Uc&google_hm=T1BVYzAyZDIwNTk0OTQxNGY0MGI1NjVkOTQ3MWJjYjI4MTE&google_nid=opera_norway_as&google_push=AXcoOmQHACVu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVWPg7WhzIEoLF_QRR50Uc&google_hm=T1BVYzAyZDIwNTk0OTQxNGY0MGI1NjVkOTQ3MWJjYjI4MTE&google_nid=opera_norway_as&google_push=AXcoOmQHACVu5ml0N-VNMQ5tp3zB4YtbipSfMtzo3HGHIGZYJZfOdpNZ-LA_PJCX9okfIjugevL5x-GuF8MvuUr9wPMw4VbKe_Hz
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:50 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOVWPg7WhzIEoLF_QRR50Uc&google_hm=T1BVYzAyZDIwNTk0OTQxNGY0MGI1NjVkOTQ3MWJjYjI4MTE&google_nid=opera_norway_as&google_push=AXcoOmQHACVu5ml0N-VNMQ5tp3zB4YtbipSfMtzo3HGHIGZYJZfOdpNZ-LA_PJCX9okfIjugevL5x-GuF8MvuUr9wPMw4VbKe_Hz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
324
expires
Mon, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BBF4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Idrrcv5zxlOjx4KRnTcRW-sJlBz-U5AKyjbl3nYbs4v7CIv8QBq7Boo6J5YA6ENiRXlVleNQ
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usermatchredir
ssum-sec.casalemedia.com/ Frame CF2F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZV4abyeknWApKLJL0ncBIgAACK8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO0ktZnm5RfNATaNfM1X84o&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO0ktZnm5RfNATaNfM1X84o&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pzu7m0ezHUMWx1cyfVD7BToksI1qQioLdU%2FjdPCZdW5zUu0ecGYIYFYYr6WheRk2t%2BUWfB%2BpczyL4Z5T6XgzoH7ipLQvHdS5iponvf853UtY5GMcyLQXDoEWAsNmXFUi06QyJPepVRcKLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a21ce80c5301eb-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO0ktZnm5RfNATaNfM1X84o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
31327
i.liadm.com/s/ Frame CF2F 		0
0
dcm
s.amazon-adsystem.com/ Frame CF2F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZV4abyeknWApKLJL0ncBIgAACK8AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Nov 2023 15:12:49 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CZJAH98XCFBH5K315WFM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame CF2F 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:49 GMT
server
Kestrel
content-length
70
content-type
image/gif
index
dmp.brand-display.com/cm/api/ Frame CF2F 		0
0
indexexchange
sync.adotmob.com/cookie/ Frame CF2F 		0
0
ZV4abyeknWApKLJL0ncBIgAACK8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CF2F 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZV4abyeknWApKLJL0ncBIgAACK8AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:4bb7:3e35:2446:7a5a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame CF2F 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame CF2F 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZV4abyeknWApKLJL0ncBIgAA%262223
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:50 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
44834
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
82a21ce8dc1123df-ZRH
content-length
43
expires
Thu, 23 Nov 2023 15:12:50 GMT
viewability
hal900024.redintelligence.net/ Frame 7FD6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900024.redintelligence.net/viewability?s=83486300101444504438466012516024&a=26164c84&vb=m
Requested by
Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=83486300101444504438466012516024&a=0a0d8026
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://hal900024.redintelligence.net/request_content.php?s=83486300101444504438466012516024&a=0a0d8026
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 22 Nov 2023 15:12:50 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame BEB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311130101&jk=1101773278214056&bg=!-_il-LfNAAZxrfrxUa07ADQBe5WfOEF1VBHMB_fjB8LMFWMdxuCuPU4YzIqnN3Tof83ZHJ6Tcz1HbIvsfm-StSnngpRrAgAAA7RSAAAADGgBB5kCxNAYw7Yefx9uecrPRY9Evxnpd67ZPVA9OteOSDIVKaPW9ZHL4J5BgPBlaHvVSVE0rXyEKToluOLFa7hjGDy1i2c0D_h2_zYEHI1TVE3TypGD6vgp2ykqBW8JXloPCGDcDs_1CZiZ53-tqVggdDWCup2Lk14KKlvFYhUAk0quSgWlDBLitwyipbJXIu8igVVlDyoBjFonKoa_Ms0j_Q_cm3COYmpnTTMgpUifQZ_vbZpl916ljtMWGYVCQgP9EkEBynQyyDz99PioVFy7RJnVUYx9ek-FKv8A8p6CgD5MKu0W1r5SlyNhPOnwOa4xRX9_g2vDlKPTuJnjvwXHa8KcCqJUmcn-0C8LZKJqfI78lar5767MWru6J-d2QT8ZBbaANv_Xhibd_dwWt-6RpcKjp4YH8lL7K37djfGqr-Xw4iwAThkQffJM0g415u227lqtQ7yauUUzDKGcRV94kpwT_z-0MzsOgK6nJitOggnvderJhJs7mb1W33VttJ_MKyk0GzEF74o-VlwUX3HonSCh30LJOHYGZAFDH15NME82D9UOyDyMnlEn0JOtjvUCvU8DCpYfRcIz_vokjQvj3nj8WcpWfDxDSlEOpxb2FCdGzb5J0GQhW9qhIFRIHO40Qaiu1zb1wIFrQo4TcrmfHpc1AMxUVZWcVAP8cM3r02K6oEU6Yg2tbK-Q3hqnTlPOtFiQSVJwjmyQ3WFY3nstdY1DYh6Y5-i6_BY2lczeXAYoDDyGmcBKoSn9u7HZ5KUflj50v9HAB4tNjYF2MHZGR9J1gCPRVgklX4diEhr-AZ8dF3Cdh3i5yfhCkRWSuonqchoJoiYjsGsaRwmD8A-jzwxECsx4wtsmBJuf0c8gouI3oZwZd3BcESGkUc6QN15vLZupwz0couQvVST1R_3-4YJOf4EBg0NSZhb1XLms_Jd0JNX50VynAg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 7FD6 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 840B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSebnbxpeZb6hH9OdjuwPnbWnmAUAAAAAOAHgBAI&bg=!lZalltnNAAZxrfrxUa07ADQBe5WfOBTcRdsO3-kqj_R9GtgHSEEwEJyBhbMNjkSZQbMWBCfkceBArvb7dKDEdJvM3KiVAgAABQBSAAAABmgBB5kDCFogllrPdiUvSF8nVc2EMa0sySmPf3Ht7UQtkKSP5mZK06fhuhqi3dJTkuJb_YBNLmVfMcPhj-tmAax1XKOX9WFvpfT3O77_FYqyNY1mzwmtBJUsyHBTXDSa0r9oJVT1VUJbkf9CD58d1J0FOUpN8u6MCmS2Keb1hv05SEALn5InIHS96ioeiGDvgVy5uUMEgB158QbFX_5ylNOKQdBvhslbJbb6uvaTA3eABCwov1TM1kwyY6TTyO9IvW4gArACpaLYWgS6PEFlJQ-tM6LlndUx_oSgem8EL5jq1gjdcLNyvzR1KICg-QBut4Gi6dFMFt7jPmP9_sfBx4AVauxdLLQ24KKwUxcwE3kZWCDsVRgW1A3j-xCC-D8gPLL6tXuqIbQltMC18l8R1LpQf0XXgNAnpRgudapYDvXA3NZhvlsfR4scnVV5fRIEmEMjfJpUJN7VYzrxV1xaRs2MJ3BA0HpNb_DfIaFuGkKdN3uyT8jRNNu57LDJ794hHllz0llGd4qqa8PIgBg8lObaCXb26QrIr8ViL-L0nYHlfxoe5LRMyOpkjBgeXhzCiaT4hsHEIsKTcU2dyrPCtJ3_ZCmoa3CFStEmkZb00wAT86XBHrd9iXRWkNQOcy238LWrl6CjXNY_8Q1bXd-fRR2X9cebLpdQpf0om62EipiYJBeSh2_kMC_YYynz7VnvbUGKOKb6q0FY9ntwn8xhl1wsAc4BgMP5IZ-UiNmiib-d55TAUQttfPXyHo7Hpo6u7dMrw9Bean_CmYKPKK6pt3jC9iG_Jr4iReU1kQF1k032betisBWkIe1o6J--FvdBwn38ATtUcRWEab9RgUi3eIimJxjpink_mfTuma3pGNIaNkIO-kA_UnYXC34YUL92auGJ3uFLLMaYQ8Pf9KjWeuvmnCix1tEYe_JgibaFJAKJPPWeaGyVQR2ZeZhTGefNGuo9nIyz-MT7xqkBGIPITMpk6lydHJMu3Q9J14W61q_3YPlf6anm72Dw4yRZg_QicIqb1tCdww0GEy4mr-wS
Requested by
Host: f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame EC9B 		0
0
getuid
sync.smartadserver.com/ Frame 8546 		0
0
getuid
secure.adnxs.com/ Frame 097D 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 230D 		0
0
generate_204
tpc.googlesyndication.com/ Frame A4A7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?K86x0g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/mei-mei-zhong-guo-zai-xi-cang-xiu-jian-xin-fang-kong-zhen-di-hong-qi-9dao-dan-ke-neng-jin-zhu.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:12:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4917 		0
0
server_match
ice.360yield.com/ Frame 0155 		0
0
cm
u.openx.net/w/1.0/ Frame A383 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4AB2 		42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjpnpP1jbQrsVAc9KuV4gfLvzOhZMzqaZZV5H4XAOjk5hwDXQtF-9gSAcmIs55-HSfafTBQpLkCBztjXl0UZ4z3JTwDY-dBFhwTXzmnBAzjJL9Xh2mxsgAO9ZFlr5t&sai=AMfl-YSjEaPWqJ9X8PDrokfDqBfwhg-pk2Q941kVlTT4-TxZ5REjJHihJGtgd2mNZ9ag3qFHBOpyciw2wByeQc8Qo8EbLWzIs6Qci0JVAXQcuNGPEkXG-jMsrdcFbi4&sig=Cg0ArKJSzCWq1MJKeBUeEAE&cid=CAQSOwDICaaNw1w5-u9e_geBkUXsyvsSEXyaVE930IVBLIuCyHTOAIAAxTEEpfmIkOYLbfHaN7zqpwyeSQpsGAE&id=lidar2&mcvt=1034&p=1110,315,1200,1285&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700665966416&rpt=2814&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 15:12:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ap.lijit.com/ Frame CBF0 		0
0
cookie
cm.adform.net/ Frame 5BAD 		0
0
async_usersync
ib.adnxs.com/ Frame ACEC 		0
0
smilewanted
b1sync.zemanta.com/usersync/ Frame 7900 		0
0
31327
i.liadm.com/s/ Frame E9A6 		0
0
crum
dsum-sec.casalemedia.com/ Frame E9A6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6634635518376245066
0
0
ie
match.prod.bidr.io/cookie-sync/ Frame E9A6 		0
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame E9A6 		0
0
ix
ad4m.at/ad/sim/ Frame E9A6 		0
0
current
casale-match.dotomi.com/match/bounce/ Frame E9A6 		0
0
indexmatch
match.adsby.bidtheatre.com/ Frame E9A6 		0
0
ix
s.company-target.com/s/ Frame E9A6 		0
0
sync
ads.servenobid.com/ Frame E9A6 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3f317eb08b28f41671be27b519974d49.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/882d694ca77bedb62bd5baffe8f87126.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ca59f2474968258dbb833d42d66214ab.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/76e78cfaef4d839fb70bd5d6917c9f9b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/7b85be626426a7a798b85d28dcb49805.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ccdcad97ee99935ccc8bceef825cdad3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/059d8fef1b78c78a136ceadd57d61473.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a55dbfe47a5a5b6f551ea27f649d1b61.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/a84ba95ef6ce5fd3c0071709ed98304d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/62ddbcf18b5c2041abd09e3a3c08fe57.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d483e69449c038066b9b402079f5f782.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/fea45555085819d0e8371ad205195c99.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/22b28090727ae61af38881d587c21b88.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ed7669c7bbf4bc3a8ba906ab252c7030.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/48e0ed76597a738b4dd55809b0ca55f8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7c7dbeab3ed11609b54be6391a05ef86.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/b13539d1dac1f03b8b77c54d195b63ea.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/12da108d534571072f0d684d40060af0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/68eda146d3915c0f82331bb2183eee8d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/afb4d52106890df09cef4494c0828761.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e15b747b89dfaecf8806ef1d3b59cf55.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/811b14e5d37a2918a118331b966ecf84.jpg?w=150&h=100&q=100
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Domain
cs-rtb.minutemedia-prebid.com
URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Domain
cs-server-s2s.yellowblue.io
URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=45&rndcb=4841029381
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ssp.disqus.com
URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Domain
dclk-match.dotomi.com
URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJUQk3ltFYYfPN1r2ilqEjs&google_cver=1&google_push=AXcoOmRxKhTNmqXvsy8aFyV9oVDxvJ9jA3ja81X_gNnI47O_kern5ogjJdgUnfQ7OjVC7fanbxnRdebm4VH0nm13mkQOy8Wpz2U
Domain
i.liadm.com
URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV4abyeknWApKLJL0ncBIgAA%262223&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Domain
d.adroll.com
URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Domain
csync.smilewanted.com
URL
https://csync.smilewanted.com/drop_cookie_sw.php
Domain
sync.smartadserver.com
URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Domain
ice.360yield.com
URL
https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
Domain
i.liadm.com
URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZV4abyeknWApKLJL0ncBIgAA%262223&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6634635518376245066
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZV4abyeknWApKLJL0ncBIgAACK8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Domain
ad4m.at
URL
https://ad4m.at/ad/sim/ix
Domain
casale-match.dotomi.com
URL
https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZV4abyeknWApKLJL0ncBIgAA%262223
Domain
s.company-target.com
URL
https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=333&uid=ZV4abyeknWApKLJL0ncBIgAACK8AAAAB

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

28 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/882d694ca77bedb62bd5baffe8f87126.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/7b85be626426a7a798b85d28dcb49805.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3f317eb08b28f41671be27b519974d49.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/76e78cfaef4d839fb70bd5d6917c9f9b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ccdcad97ee99935ccc8bceef825cdad3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a55dbfe47a5a5b6f551ea27f649d1b61.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/059d8fef1b78c78a136ceadd57d61473.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ca59f2474968258dbb833d42d66214ab.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d483e69449c038066b9b402079f5f782.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/a84ba95ef6ce5fd3c0071709ed98304d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/22b28090727ae61af38881d587c21b88.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/62ddbcf18b5c2041abd09e3a3c08fe57.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/fea45555085819d0e8371ad205195c99.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ed7669c7bbf4bc3a8ba906ab252c7030.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7c7dbeab3ed11609b54be6391a05ef86.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/48e0ed76597a738b4dd55809b0ca55f8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/b13539d1dac1f03b8b77c54d195b63ea.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/68eda146d3915c0f82331bb2183eee8d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/12da108d534571072f0d684d40060af0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/811b14e5d37a2918a118331b966ecf84.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e15b747b89dfaecf8806ef1d3b59cf55.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/afb4d52106890df09cef4494c0828761.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cdn.adpushup.com/fpe/42753/MAN_Data/Q0hfREVTS1RPUA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvbWVpLW1laS16aG9uZy1ndW8temFpLXhpLWNhbmcteGl1LWppYW4teGluLWZhbmcta29uZy16aGVuLWRpLWhvbmctcWktOWRhby1kYW4ta2UtbmVuZy1qaW4temh1Lmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

589a2de2f520fc258c621be717221702.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
adx3.adform.net
ajax.googleapis.com
analytics.pangle-ads.com
ap.lijit.com
audiencedata.im-apps.net
b1sync.zemanta.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
casale-match.dotomi.com
cat.nl3.eu.criteo.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
cds.taboola.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
csi.gstatic.com
csm.eu.criteo.net
csync.smilewanted.com
d.adroll.com
d5p.de17a.com
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dmp.brand-display.com
dmp.im-apps.net
ds.uncn.jp
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
f0bee3d298937a39e1b104b0e4906412.safeframe.googlesyndication.com
fastlane.rubiconproject.com
feedback.adrecover.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900024.redintelligence.net
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.liadm.com
ialaddin.genieesspv.jp
ib.adnxs.com
ice.360yield.com
il-trc-events.taboola.com
images.taboola.com
imasdk.googleapis.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
js.genieessp.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.go.sonobi.com
sync.ipredictive.com
sync.smartadserver.com
sync.teads.tv
t.adx.opera.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
casale-match.dotomi.com
cm.adform.net
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
csync.smilewanted.com
d.adroll.com
dclk-match.dotomi.com
dmp.brand-display.com
dsum-sec.casalemedia.com
g2.gumgum.com
i.liadm.com
ib.adnxs.com
ice.360yield.com
match.adsby.bidtheatre.com
match.prod.bidr.io
pixel.rubiconproject.com
s.company-target.com
secure.adnxs.com
ssbsync.smartadserver.com
ssp.disqus.com
static.bg3.co
sync.adotmob.com
sync.go.sonobi.com
sync.smartadserver.com
u.openx.net
ups.analytics.yahoo.com
103.231.174.251
104.18.36.155
104.20.219.77
13.32.27.10
133.186.12.12
133.186.12.18
138.201.84.252
141.226.224.32
141.226.228.48
142.250.185.198
142.250.186.162
147.75.84.158
151.101.1.44
151.101.129.108
151.101.65.44
152.199.21.70
154.59.122.79
162.210.196.208
167.235.184.171
172.105.213.147
172.64.149.180
172.64.151.101
172.67.10.198
178.250.1.6
178.250.1.9
18.197.219.206
18.197.41.124
185.106.33.48
185.132.133.134
185.180.223.67
185.84.60.23
185.89.210.153
188.42.34.64
192.96.203.13
193.0.160.130
193.108.153.6
2.18.160.23
2001:4860:4802:32::3
2001:4860:4802:32::36
209.54.182.161
212.8.243.37
213.155.156.164
216.52.2.39
216.52.2.48
23.218.208.23
23.218.209.56
23.218.210.30
23.32.185.35
23.37.42.132
23.50.131.75
23.97.225.52
2600:1901:0:e207::
2600:1f18:24e6:b902:6857:abc2:e420:ab40
2600:9000:223c:2e00:6:44e3:f8c0:93a1
2600:9000:2251:9200:1a:5235:f980:93a1
2602:803:c003:200::31
2606:4700:20::681a:567
2606:4700::6810:5814
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:803::2008
2a00:1450:4001:806::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a02:26f0:480:25::1726:620a
2a04:4e42:400::649
2a05:d018:d29:3602:4bb7:3e35:2446:7a5a
3.248.171.173
3.71.149.231
34.111.113.62
34.120.63.153
34.98.64.218
35.157.214.172
35.186.193.173
35.186.253.211
37.157.2.229
43.206.65.221
46.4.10.49
51.75.147.170
51.83.220.94
51.89.9.253
52.223.40.198
52.48.186.244
52.59.133.66
52.70.1.191
52.95.126.138
54.171.91.135
54.92.58.92
64.74.236.31
69.173.144.137
69.173.144.138
76.223.111.18
77.245.57.72
81.17.55.98
82.145.213.8
046f02b6ce202212418290b200a1edbd029a4f55802aeab80a2037a2bc06cbcb
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0622ea9d23e60693346c14c77de2df2333e9b36babadccbc0d3a0d889d29b2e7
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d0155de7b1d4012a00c48fcd91fe45f72aab122a4500aef7c2397f703e917fb
10c1ba4154f66d4b0e41ec6ec566f81a784a79407dca9540fd2ff22ba3d6545a
14b8258a61e9708810dc58cd90b99b01dbb5e33b3b1317b285d165eeaff6c7e2
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
191d73e98d346c827c58080c9a8b16b26ee62079a1c295857ace70caefd54c87
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1e0520615c91ba524f0ba6daa5113feec9cb2b883fa19313fb9d9eef6a9195bb
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2a89fc52e48d2c6ac580b984fc9b3e92ac5f809c782a5a61cfc15b7a6a358044
2c4c06f9bd54092e80089fcbf8600bcc3ea55f3b099fd9ccef43cb14e5743b05
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
348dad726d7573e10b2ac7ec19cb8b4beb567efd334c27cddaa973fb519431c2
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e2a68049a536ad17b94cd761052e7ebcf5e4184240bf6a6748e741c6193bbb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
47e9772aade5d92d4b7a1145b1fbe499977b4b49af1725b8f5e3a71f6e8e1425
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
4f37bec895692dba801be7539329c65a9bcadb9b74c2b68d86a30f3bbf7166b4
60a9f7d56233350b59ab96745a2327de726eba4f80a77dd1bd203c3f9e5ef6ac
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66672574adc0ead1853e948f5c1da0b36d0e19e922115e98dc474c9497023a4c
67c036b6926ef16a07e0ddbcb269bc1de182d6ffc7f493261e2b53399a3bb896
68001ca8bbc5c44c62345c01013eaca6eebf00968bd55df5614287fc6c1bc5d9
698e10cb5b2f613e3f71779e20d522ad5475e400483f0c6848038b7879fe03d5
69a37b579f17bd6f27553b82cd5f69480f38c95a09e8f2e31a36c1c76df7c449
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e2297899242fa4c800ff7320c93d3cd0bbb89770cf0a1d5614b0f183c94dc70
70239190370dc8b6eac2cd2352b203507ab0c0ca1aad58a6a3d686b2cdfd08bf
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7ef532d9520146357b2bfa7199faac6568619fd8ab1eb06fa88e8a14f0fa529c
7f66d59ff92c0971d1f27511dbed019307a1d66d799653c20001a715eb0f7f56
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9426567f042fca32ee04034ef8c83cf73aa1f698f8bf465a72671de0ecaaad74
97f9e0e84e1454040a5ece9adc201ef8b693d8b805c5e7a4627f6a8bacff400a
97fc3c5f72f39cbc5fd7a2fc73239291c84622ce10d8453f625d09298a15d0c5
99b01e9d64224a9950e9f2f7dd41304b681c567d63c77b83431d2219cdf48133
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9ffd5e8712a5a14280558ed2a1de9b9a6983b21155b53c83b6c2d7fb99e5093d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f
a4d86b492c5fb931a5691fd786d45f68f9dd225fa1fd07823479cfb50199d3dc
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b490332083f0ca30d85d11966700da995d94b792e5ff404380137abd9cebf0b7
b4a1067de2116941c535478c84ca83c697006ae3eb04f880a0129ef4f4ac5924
bbcd3fb98bc87042eb6030f983044304226f0dd7d1e0fe85ffe60c22bd77f868
bdb27133aa0eb38f1c8b281ca86fc0be9c149ba73d047045da80b9344bb07972
c34330f716f2ba5ad3546335083d89c6e3d5b5251baf0e1ec3d5f9a692ccd0bb
c4f11d5ee2a95f5f8d31013abb3e3518f061bcf8c2a016ba8d7eccca64b8bc89
c6934568e6bc9d234b42c8b4cd6d329fb08a931be05057ad22411c8ffe9dbd68
c6f1048bf97e0daf6b9eba804c11f6d2ee6736726c3b8a5c4c3c42063383cf56
c84074baff8c27ab00dd84e9fdf57f94ca82c0fce2ad492c8302bb1ca109953d
c8934c75d7b6faf5e681a0d3fc7854a70876feebd7f613f792ffe35345486b16
ca0c978c9d8361a0509dad2dfac066d4a8968fc6a870bc893c4b5f40cff42419
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d523aae1d54605fc3dabf35448e4e4892eaefacaa33f086943d8b9aedd9c9f36
d95a208d385f15472a3f84befa681ba3d1454cb099c5d9617067a65d9f2dd49b
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e01bb94a9ec195fa3cbae4da56ff0e42ea44439c83a398f7c4cd42432519e569
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e996a0721e504efb3a2614ffebf96811dc56a2cb84a585ae495d146f8e43035c
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ebecabde36c90a8dd9a2f347e1e633087b143ba28dcacdf58528da0b26cb5791
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
f434e78722abbbd9df23f9f3864cd2ecf3ae2ae92062e75452b17f4363c9ca72
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8