urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Submission: On September 22 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 11 countries across 82 domains to perform 490 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 142.250.186.161 15169 (GOOGLE)
11 142.250.186.130 15169 (GOOGLE)
2 142.250.186.136 15169 (GOOGLE)
2 104.20.219.77 13335 (CLOUDFLAR...)
1 2 162.210.196.208 30633 (LEASEWEB-...)
3 104.26.5.103 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
38 151.101.65.44 54113 (FASTLY)
2 151.101.66.137 54113 (FASTLY)
1 178.250.1.11 44788 (ASN-CRITE...)
3 216.239.32.36 15169 (GOOGLE)
4 142.250.185.161 15169 (GOOGLE)
18 175.110.113.213 49981 (WORLDSTREAM)
5 142.250.185.130 15169 (GOOGLE)
8 23.97.225.52 8075 (MICROSOFT...)
4 151.101.193.44 54113 (FASTLY)
17 185.106.33.48 200478 (TABOOLA-AS)
2 91.228.74.200 16509 (AMAZON-02)
1 104.16.85.20 13335 (CLOUDFLAR...)
7 104.22.69.131 13335 (CLOUDFLAR...)
2 12 104.18.26.193 13335 (CLOUDFLAR...)
1 3.66.233.77 16509 (AMAZON-02)
1 185.255.84.151 200271 (IGUANE-)
1 3.66.153.128 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 178.250.7.10 44788 (ASN-CRITE...)
1 184.30.21.51 16625 (AKAMAI-AS)
3 35.186.253.211 15169 (GOOGLE)
3 4 37.252.171.149 29990 (ASN-APPNEX)
4 17 51.89.9.253 16276 (OVH)
2 145.40.97.66 54825 (PACKET)
1 52.214.251.135 16509 (AMAZON-02)
1 69.173.144.137 26667 (RUBICONPR...)
1 213.19.162.41 26667 (RUBICONPR...)
1 4 192.96.203.13 30633 (LEASEWEB-...)
1 142.250.186.74 15169 (GOOGLE)
5 142.250.184.202 15169 (GOOGLE)
1 1 137.74.6.209 16276 (OVH)
6 9 18.184.148.2 16509 (AMAZON-02)
1 1 178.250.7.11 44788 (ASN-CRITE...)
1 185.180.223.221 49981 (WORLDSTREAM)
3 185.29.132.241 30419 (MEDIAMATH...)
1 3 69.173.144.165 26667 (RUBICONPR...)
2 2 193.108.153.21 20940 (AKAMAI-ASN1)
8 15 69.173.144.139 26667 (RUBICONPR...)
8 21 142.250.186.98 15169 (GOOGLE)
3 4 185.86.139.101 201081 (SMARTADSE...)
3 35.244.174.68 15169 (GOOGLE)
2 6 52.46.130.91 16509 (AMAZON-02)
3 3 198.47.127.18 62713 (AS-PUBMATIC)
1 1 185.64.191.210 62713 (AS-PUBMATIC)
2 3 3.71.149.231 16509 (AMAZON-02)
10 15.197.193.217 16509 (AMAZON-02)
1 2 212.8.250.228 49981 (WORLDSTREAM)
8 141.226.228.48 200478 (TABOOLA-AS)
7 8 34.252.246.120 16509 (AMAZON-02)
43 172.217.18.98 15169 (GOOGLE)
6 184.30.22.30 16625 (AKAMAI-AS)
1 1 23.56.202.187 16625 (AKAMAI-AS)
1 18.66.97.31 16509 (AMAZON-02)
1 81.17.55.113 60781 (LEASEWEB-...)
7 142.250.186.66 15169 (GOOGLE)
1 142.250.186.70 15169 (GOOGLE)
5 190.2.150.144 49981 (WORLDSTREAM)
2 3.233.146.48 14618 (AMAZON-AES)
1 13.32.23.200 16509 (AMAZON-02)
2 185.170.60.43 27381 (CASALE-MEDIA)
14 172.67.74.129 13335 (CLOUDFLAR...)
2 3 52.95.126.138 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
2 142.250.184.227 15169 (GOOGLE)
4 142.250.186.35 15169 (GOOGLE)
30 142.250.184.193 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
1 185.84.60.21 198622 (ADFORM)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 1 154.59.122.79 174 (COGENT-174)
1 1 46.228.164.11 56396 (AMOBEE)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
1 216.52.2.39 32475 (SINGLEHOP...)
1 52.28.250.143 16509 (AMAZON-02)
490 74
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
cdn.ampproject.org
11    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
2    142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net
www.googletagmanager.com
2    104.20.219.77 (United States)

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
2    162.210.196.208 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
38    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
2    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    216.239.32.36 (Los Gatos, United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
58a00f8f0c05ef60e3a97be97db1b7a5.safeframe.googlesyndication.com
18    175.110.113.213 (Pakistan)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-213.hosted-by-worldstream.net
ad.vidverto.io
5    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googletagservices.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
17    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
2    91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    104.16.85.20 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
7    104.22.69.131 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
12    104.18.26.193 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    3.66.233.77 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-233-77.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    3.66.153.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-153-128.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    34.107.148.139 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    184.30.21.51 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
3    35.186.253.211 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    37.252.171.149 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
17    51.89.9.253 (Germany)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
2    145.40.97.66 (Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    52.214.251.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    192.96.203.13 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com
5    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
imasdk.googleapis.com
1    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
9    18.184.148.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-148-2.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    185.180.223.221 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-221.hosted-by-worldstream.net
ad.vidver.to
3    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    193.108.153.21 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-21.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
15    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
21    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
4    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
3    35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
6    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    3.71.149.231 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
10    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    212.8.250.228 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-250-228.hosted-by-worldstream.net
ad.mox.tv
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
8    34.252.246.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-246-120.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
43    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
pagead2.googlesyndication.com
6    184.30.22.30 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    23.56.202.187 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    18.66.97.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-31.fra56.r.cloudfront.net
rules.quantcount.com
1    81.17.55.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
7    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
s0.2mdn.net
5    190.2.150.144 (Haarlem, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-150-144.hosted-by-worldstream.net
cdn.vidverto.io
2    3.233.146.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-146-48.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
1    13.32.23.200 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-200.fra56.r.cloudfront.net
d2q8xv8xf7whrd.cloudfront.net
2    185.170.60.43 (Netherlands)

ASN27381 (CASALE-MEDIA, CA)
a1112.casalemedia.com
14    172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
3    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
fonts.gstatic.com
4    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.gstatic.com
30    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
tpc.googlesyndication.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
partner.googleadservices.com
1    185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
2    34.95.69.49 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    35.204.158.49 (Ascension Island)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    52.28.250.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
match.sharethrough.com
Apex Domain
Subdomains		 Transfer
77 googlesyndication.com
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
58a00f8f0c05ef60e3a97be97db1b7a5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
707 KB
67 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1262
trc.taboola.com — Cisco Umbrella Rank: 907
vidstat.taboola.com — Cisco Umbrella Rank: 3587
il-trc-events.taboola.com — Cisco Umbrella Rank: 16209
images.taboola.com — Cisco Umbrella Rank: 1957
imprammp.taboola.com — Cisco Umbrella Rank: 11278
am-match.taboola.com — Cisco Umbrella Rank: 13197
wf.taboola.com — Cisco Umbrella Rank: 3685
am-vid-events.taboola.com — Cisco Umbrella Rank: 10788
sync.taboola.com — Cisco Umbrella Rank: 1624
vidstatb.taboola.com — Cisco Umbrella Rank: 9042
pips.taboola.com — Cisco Umbrella Rank: 1909
cds.taboola.com Failed
am-wf.taboola.com — Cisco Umbrella Rank: 13824
1 MB
39 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
pubads.g.doubleclick.net Failed
451 KB
27 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1314
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3048
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
eus.rubiconproject.com — Cisco Umbrella Rank: 916
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
token.rubiconproject.com — Cisco Umbrella Rank: 764
50 KB
23 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30729
cdn.vidverto.io — Cisco Umbrella Rank: 40830
496 KB
17 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
9 KB
14 ad4m.at
ad4m.at — Cisco Umbrella Rank: 10446
as.ad4m.at — Cisco Umbrella Rank: 29602
assets.ad4m.at — Cisco Umbrella Rank: 38846
245 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 803
a1112.casalemedia.com — Cisco Umbrella Rank: 471596
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
23 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 18087
e3.adpushup.com — Cisco Umbrella Rank: 19655
283 KB
11 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
6 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
3 KB
10 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1511
x.bidswitch.net — Cisco Umbrella Rank: 614
17 KB
9 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
6 KB
7 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 7516
csync.smilewanted.com — Cisco Umbrella Rank: 3971
static.smilewanted.com — Cisco Umbrella Rank: 15268
15 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com Failed
80 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
imasdk.googleapis.com — Cisco Umbrella Rank: 657
942 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 35724
sync.aralego.com — Cisco Umbrella Rank: 4312
2 KB
5 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2389
prg.smartadserver.com — Cisco Umbrella Rank: 2163
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
rtb-csync.smartadserver.com Failed
2 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
285 KB
4 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 1061
image2.pubmatic.com — Cisco Umbrella Rank: 1547
image6.pubmatic.com Failed
2 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
secure.adnxs.com — Cisco Umbrella Rank: 806
acdn.adnxs.com Failed
3 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
90 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1301
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 2250
1 KB
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1029
adpushup-d.openx.net Failed
7 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
341 B
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
bidder.criteo.com — Cisco Umbrella Rank: 949
dis.criteo.com — Cisco Umbrella Rank: 910
ads.eu.criteo.com Failed
rtb.fr3.eu.criteo.com Failed
1 KB
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 16071
41 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 2175
104 B
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10583
505 B
2 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42500
302 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
1 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
272 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1803
pixel.quantserve.com — Cisco Umbrella Rank: 1594
10 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 33779
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 19210
c.statcounter.com — Cisco Umbrella Rank: 12701
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
179 KB
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
425 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332 Failed
626 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 876 Failed
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012 Failed
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2199
670 B
1 adform.net
adx3.adform.net — Cisco Umbrella Rank: 65543
c1.adform.net Failed
cm.adform.net Failed
656 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
550 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
647 B
1 cloudfront.net
d2q8xv8xf7whrd.cloudfront.net
44 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
635 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 52748
154 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 12994
258 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3520
public.servenobid.com Failed
780 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1774
493 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
contextual.media.net Failed
1 KB
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com Failed
524 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
455 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
16 KB
0 smartclip.net Failed
ad.sxp.smartclip.net Failed
0 smartstream.tv Failed
ads.smartstream.tv Failed
0 tryiqos.ch Failed
min.tryiqos.ch Failed
0 awin1.com Failed
www.awin1.com Failed
0 ck-ie.com Failed
us.ck-ie.com Failed
0 betweendigital.com Failed
ads.betweendigital.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 richaudience.com Failed
sync.richaudience.com Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 indexww.com Failed
js-sec.indexww.com Failed
0 adentifi.com Failed
rtb.adentifi.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 adition.com Failed
dsp.adfarm1.adition.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 mediago.io Failed
trace.mediago.io Failed
0 yandex.ru Failed
an.yandex.ru Failed
0 bluevoox.com Failed
im.bluevoox.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
0 yieldmo.com Failed
ads.yieldmo.com Failed
0 criteo.net Failed
static.criteo.net Failed
0 doubleverify.com Failed
cdn.doubleverify.com Failed
0 google.com Failed
www.google.com Failed
490 82
Domain Requested by
43 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
cdn.adpushup.com
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
d2q8xv8xf7whrd.cloudfront.net
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
www.bg3.co
30 tpc.googlesyndication.com 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
d2q8xv8xf7whrd.cloudfront.net
pagead2.googlesyndication.com
www.bg3.co
21 cm.g.doubleclick.net 8 redirects onetag-sys.com
www.bg3.co
googleads.g.doubleclick.net
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
18 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
17 onetag-sys.com 4 redirects cdn.adpushup.com
ad.vidverto.io
onetag-sys.com
www.bg3.co
csync.smilewanted.com
17 il-trc-events.taboola.com www.bg3.co
cdn.taboola.com
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 images.taboola.com www.bg3.co
11 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
cdn.aralego.net
www.googletagservices.com
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
10 match.adsrvr.org onetag-sys.com
imprammp.taboola.com
am-match.taboola.com
www.bg3.co
ssum-sec.casalemedia.com
cdn.adpushup.com
9 pixel.rubiconproject.com 4 redirects onetag-sys.com
www.bg3.co
9 x.bidswitch.net 6 redirects imprammp.taboola.com
onetag-sys.com
8 pr-bh.ybp.yahoo.com 7 redirects imprammp.taboola.com
8 e3.adpushup.com www.bg3.co
7 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
d2q8xv8xf7whrd.cloudfront.net
www.bg3.co
6 assets.ad4m.at as.ad4m.at
6 ad4m.at cdn.adpushup.com
d2q8xv8xf7whrd.cloudfront.net
www.bg3.co
ad4m.at
6 token.rubiconproject.com 4 redirects eus.rubiconproject.com
6 eus.rubiconproject.com am-match.taboola.com
ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
6 s.amazon-adsystem.com 2 redirects onetag-sys.com
www.bg3.co
ssum-sec.casalemedia.com
5 cdn.vidverto.io www.bg3.co
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 www.googletagservices.com securepubads.g.doubleclick.net
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
googleads.g.doubleclick.net
d2q8xv8xf7whrd.cloudfront.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
onetag-sys.com
4 www.gstatic.com 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
4 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 ups.analytics.yahoo.com 2 redirects am-match.taboola.com
3 image8.pubmatic.com 3 redirects
3 id.rlcdn.com onetag-sys.com
3 pixel-eu.rubiconproject.com 1 redirects onetag-sys.com
3 sync.mathtag.com onetag-sys.com
3 ib.adnxs.com 2 redirects cdn.adpushup.com
3 rtb.openx.net cdn.adpushup.com
3 htlb.casalemedia.com cdn.adpushup.com
3 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
3 trc.taboola.com cdn.taboola.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 am-wf.taboola.com vidstat.taboola.com
2 as.ad4m.at d2q8xv8xf7whrd.cloudfront.net
as.ad4m.at
2 ssum-sec.casalemedia.com www.bg3.co
ssum-sec.casalemedia.com
2 ssbsync.smartadserver.com 2 redirects
2 i.clean.gg d2q8xv8xf7whrd.cloudfront.net
2 fonts.gstatic.com ad.vidverto.io
2 a1112.casalemedia.com cdn.adpushup.com
d2q8xv8xf7whrd.cloudfront.net
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 sync.taboola.com am-match.taboola.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 ad.mox.tv 1 redirects onetag-sys.com
2 ssbsync-global.smartadserver.com 1 redirects onetag-sys.com
2 ads.stickyadstv.com 2 redirects
2 prebid.a-mo.net cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
2 ads.aralego.com 1 redirects ads.aralego.com
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 static.smilewanted.com csync.smilewanted.com
1 ad.turn.com 1 redirects
1 secure.adnxs.com 1 redirects
1 um.simpli.fi 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
1 match.sharethrough.com 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
csync.smilewanted.com
1 ap.lijit.com googleads.g.doubleclick.net
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
csync.smilewanted.com
1 ums.acuityplatform.com 1 redirects
1 adx3.adform.net imasdk.googleapis.com
1 pips.taboola.com cdn.taboola.com
1 pixel.quantserve.com www.bg3.co
1 partner.googleadservices.com pagead2.googlesyndication.com
1 px.ads.linkedin.com www.bg3.co
1 d2q8xv8xf7whrd.cloudfront.net cdn.adpushup.com
1 s0.2mdn.net imasdk.googleapis.com
1 58a00f8f0c05ef60e3a97be97db1b7a5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 prg.smartadserver.com ad.vidverto.io
1 rules.quantcount.com secure.quantserve.com
1 vidstatb.taboola.com www.bg3.co
1 secure-assets.rubiconproject.com 1 redirects
1 imprammp.taboola.com vidstat.taboola.com
1 image2.pubmatic.com 1 redirects
1 ad.vidver.to www.bg3.co
1 dis.criteo.com 1 redirects
1 a4p.adpartner.pro 1 redirects
1 fonts.googleapis.com cdn.taboola.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 ads.servenobid.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 ad.sxp.smartclip.net Failed googleads.g.doubleclick.net
0 ads.smartstream.tv Failed googleads.g.doubleclick.net
0 min.tryiqos.ch Failed as.ad4m.at
0 www.awin1.com Failed as.ad4m.at
0 cm.adform.net Failed csync.smilewanted.com
0 us.ck-ie.com Failed csync.smilewanted.com
0 ads.betweendigital.com Failed csync.smilewanted.com
0 sync.1rx.io Failed csync.smilewanted.com
0 sync.richaudience.com Failed csync.smilewanted.com
0 image6.pubmatic.com Failed www.bg3.co
0 rtb-csync.smartadserver.com Failed www.bg3.co
0 cs.admanmedia.com Failed www.bg3.co
0 acdn.adnxs.com Failed cdn.adpushup.com
0 eb2.3lift.com Failed cdn.adpushup.com
0 adpushup-d.openx.net Failed cdn.adpushup.com
0 public.servenobid.com Failed cdn.adpushup.com
0 contextual.media.net Failed cdn.adpushup.com
0 js-sec.indexww.com Failed ssum-sec.casalemedia.com
cdn.adpushup.com
0 rtb.adentifi.com Failed ssum-sec.casalemedia.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
www.bg3.co
0 rtb.fr3.eu.criteo.com Failed www.bg3.co
0 sync.go.sonobi.com Failed 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
0 dsp.adfarm1.adition.com Failed 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
0 csync.loopme.me Failed 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
0 trace.mediago.io Failed 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
0 an.yandex.ru Failed 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
0 im.bluevoox.com Failed 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
0 b1sync.zemanta.com Failed 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
0 cs.chocolateplatform.com Failed googleads.g.doubleclick.net
0 ads.yieldmo.com Failed googleads.g.doubleclick.net
0 c1.adform.net Failed googleads.g.doubleclick.net
0 ads.eu.criteo.com Failed googleads.g.doubleclick.net
0 static.criteo.net Failed cdn.adpushup.com
0 cds.taboola.com Failed cdn.taboola.com
0 pubads.g.doubleclick.net Failed imasdk.googleapis.com
0 csi.gstatic.com Failed imasdk.googleapis.com
0 cdn.doubleverify.com Failed 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
0 www.google.com Failed 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
0 static.bg3.co Failed www.bg3.co
490 143
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
ad.vidverto.io
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
teads.tv
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
cdn.vidverto.io
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh

This page contains 63 frames:

Primary Page: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Frame ID: A87E5BD1EC9CA5962AC7B22131B36A3B
Requests: 203 HTTP requests in this frame

Frame: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AE6BD97951AF11A89CD51FC7C74377DB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs3uO8HoOjNkgpP-4PF9lzMJVVlRjfLN__MMBzcP399837X-0f7dwZC1k17pTX2IqYnB3JYVvWxdEZ7uljxnL6OgEXRWKjiJVhTgK3y0DhxSPriDWU3Cu-MjWZWYF-SN8K6X1XUErbc_aUGussejcmxpJfqLjjCaNHRF09rKvCtV1xQrUMH-yIHGFWpywVIRkrW5Khi8fHsi6qLkpG0IgQmz2yZPqs99wAWDtl-yKFo5RbaXiAqkTL4lCLBOJhOWOgBI2a_oze_j1mWETyxc1_SsMfdLl2tnBtaCV5BZ7X29gecVUObXeenTfiMvy5ZqLlxA&sai=AMfl-YQFr9LWJ7KNggcPCxavCDJIEXrEO_mKhMb3eFfnqxlzllj23IFm77BCIM2HR_0XdaMfo-dPb5di6KDDKVBJjybQ5s_zYAh9xjO8lsF77fYoZnEvV57__Z56uAjlX_TBuXdwCzh6ThffvUXdDx1I&sig=Cg0ArKJSzCGsUNfCzhCEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EDBC00DA610F731FFC9253429C9F44BE
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: DF6B4839E0BC21099553B466C4B897CA
Requests: 16 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&cmcv=&pix=undefined&cb=1695380550225&uv=3342&tms=1695380550225&abt=adxtrshold1-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=7fec6fa1-9397-480f-a0a6-fff404402703&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 1D8715ECB2BB95CC1A786E056D781ED0
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 8E760816E84B1AD44EC87B1A9533FB00
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 1DA418F0803F114ED73D780824D084A6
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 327DC4F5E1C7938EDBB955CA4CB9EB95
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: FB64F7351B2BAB16AED94A7405EAA9B8
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 9029D8CF7114716304C75968D7639D83
Requests: 12 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: C95B8A114E2D7B607B95E429D3934B1C
Requests: 4 HTTP requests in this frame

Frame: https://58a00f8f0c05ef60e3a97be97db1b7a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AC83F93168C1DE9092544901C1FEF691
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Frame ID: AD42B8C84194F9B4E76DE9BA59D3E727
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Frame ID: 96B37EEFBDEA9B36F3155F4EA3397922
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 44D96EE31675BA7B9DE1973C22E2743B
Requests: 1 HTTP requests in this frame

Frame: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 54A92C5B8547321F5EE961FEC3F97E5E
Requests: 13 HTTP requests in this frame

Frame: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Frame ID: 88B84267955FA40D2EC32E1257CF2F84
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Frame ID: 8BD648AB87273B2F47FF6D76FA3AED8F
Requests: 8 HTTP requests in this frame

Frame: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8B5764D330C838AE8078E6913382A34
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieqX6QEwAQ&v=APEucNXia023UenDB-gnliG3-VBukaWrRefeEaXAaHFUOmGaNUpiqWONbqSau7xhIz5Wek8KKBCkRzl8UdqE_R9BtuZ_e_FDfg
Frame ID: D61F1664E18FF317E2D42E1B50EAA1B0
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQ10RwAM6cUEf4yTAAdNSVNVYvFsGEOtFkzBeg&u=%7CnancNNeBwTkdSLLsxxFOax6PqYgpWlr8x0tT7DCeFsc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VI8Lb1LADPR86t9IilBGOQ9CO35yLX7tj9w66Kx6bRTlBp552TWN9vff-vuFyVKqDPa7OeZNo8rBVM_n4ZuVa79740ZHn1qhFlyBFjJEJUzgc6Ud-mXzr1ZSPzkhZaQQjIcwA8gKJGK0XGhZ6Gkl6DKXtWtzDKbjBRp3XkLCvOnKe6jML8GxASoCTQMDW_ifdORO9Zlokf57xwAkdLBdg0HK4gAoJXRDzwfwxhxn5zl9RCcTlieYorXbxsvmSs1EE3byx1AVUdy02GALy7tCoxJ6bKi71DZX80vtJcz3pwPFwoj-Mcx7EcQep2hDu4w4nh0JaJPZmjaEDNnH2GpTsCQ8agl0ZUHCHt0ojHptC4LZ674Y19V1_NBrP2O_weqlFCobFkra5S17g40uETmig07-2lKHTSrj96PpezJbXa995SnHdHx9Sc7AWGdcF2sWbm_6C6v40vbsJY_AGlgJjJhOCHFjV03Qn8jw9-ZDT99YB5EKgRgY2OmCvLXuvBq95aP1gRH4wOoeUVMz5A10UBEuDgiWbbpYpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZN5rR3QNZcXTM5OZ_tMPyZqd0AjJntKxXNWdkfdwwI23ARABIABg9e3HgdQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAuRd6Fr03rE-qAMByAMCqgTBAk_QsCTWO4Fd5hwgHpZ8rCN9_OqSex0DN85Dx1jwO9pYDGwVs128P7oNYDj4I2Iz1UPQybU86Asik1LjXFDO2l0MK9BNUVT-7G55U5dNxXeqOOMzm9jynXekASiMwuG3ylfPTUDGIY3H47PCcXYLmpz-up3hLJXLGWC-6cJ0BB5zk2zE25DqnoHnVQ4vVQyXVG0g-s8erDNu_VtuqXUM3TJ3kkSv7dUZBpHtiwwnJH4CHZTRBlCsksmb2AOd4Jbm8EeAGZoaRRhjULWo_VqwUaP9-1P1HvQPMbMQX9xORnT6UmDiIas2TpJy5q5A4CikBwg6JIcjAUema6H8bR2-xM6PLOUBEyHyRB0QdMuVLsQvKRsUFzgAVVoaZr2cwiJ2wprhZ2915lhXlx1kik-DzzA_4OIcD59fpOrtd5-XRShpH4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bLKNDhQhqwB8jLgxCS_fzRriWyg%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 0024F1AB6060944C08CA073C6505E1C0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
Frame ID: CE4588E24F65EA0165C97520FF6C96EF
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B00FF31178626D9D5427FE98FAD3147
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 763DFD330407387505927B9401EF7F12
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A30AE376E0DAFFA5E56DA3B1D1B8EF61
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CFECD47F67AD900CFD91B1C5F4C44E1E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20BF2F65926C272502CB47E07A6F3DC7
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Frame ID: C83D80F17E3CC68D56C1BA26341851D0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 674C5CDAFBDD17F1931253E8F21324FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0A6B1C111CCC585DAC1382744BCBC39E
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Frame ID: BF17859243479843AB21BB1BBF3A83DC
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 13F73999570809B37B8482AD70459371
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5ED8EE724096BC379782FEC44C5EE07D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Frame ID: A639A2F4D58C0634905F915C79A4F14C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Frame ID: 9EDB657E258ABE6433C00664CA1967DF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 76BC0F52393B005489B8AC599AC1FE7C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: AC01D0F3CD51B55B21C0710871A532B4
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 8D78C22B7C8A8AB5D4B650BC0925C51C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1695380550093
Frame ID: 74623CBF8D60EAA995AFA54EBB20D8CA
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 11CC30676AEE046CAC17EF75DC73A256
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: AE9F123D71E584A7C733C3A506C17464
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 37FBD7174A925D830CF1F26E1ECD86A6
Requests: 2 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 4B3E59EE87451B5E125847A0B287D763
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5B98FECC2D4E260F85A8DFFBE1E37BC6
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0C12296E37DE8DB8CADB5E948B91CF27
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FCDBB93B25E8D0642C6CD6AAACA79C80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F18DB7E41EE9280E80872C980B92A2C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2370838BE197AF730C6C925E02EED149
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: C16A5C6FDF4398071FC3A3D2704506EE
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 9FD7CB099453EDAFD2DAE8B478585C5D
Requests: 8 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: B57B1D50EE84525A120CB2901FD58B46
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: FF4B6A09C9306546F57782E194B7E27E
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Frame ID: 261C2C5082D8C817EF5831863D182517
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Frame ID: 71FB9F844E2BE0CB1D5A339E1F415F69
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: B68C137C47E4E5E94F7B1B325C2B27AA
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: CB5A8BE241D3C66038DD9E1A8388FEF5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/f9b6d94ac771c4d83119e0641958f8?gdpr_consent=&gdpr=0
Frame ID: 60970825C58BA6EDD8B110A480193DFB
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 07AED84E35CF69284ADA152927CB226D
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 6EA001E288DB3E43AB57E440185C5BC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2BAAF9A7E5AAAD069899A4D0CBEBFAC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF92BA68D1BB974964DCB9E4EA98909C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329288&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2Cm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2C7QJUqfJq5mSwqK9hrHXHgtECYY4mHGT1TQ9HM&c=300&d=250&e=&g=c306115ee5d4af5b3637a7f55c3bb199%2F5362317468626664517&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695380555476&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCzqIaRXQNZcKjPMrkzQbAjbq4DMT-wtJoz8bNpokL-y4QASC35YQhYPXtx4HUBMgBCakCxiPSdGThsT6oAwHIA5sEqgSDAk_QvbR2AG2bbrHZWObdxcWKV2bpGHGk86RNX9CEV5JaZ9kC7g-Vi0QrvAzanRibJADYoZ-qLJMyojNiPuMRoWF_XjiQpHE2xsgT279sGZHZ6fNSevbVhDAjTkVCer2tnLmXIEkeYSVPL9B6leLMdoXFGecPLxkL4X_QJ_o3U9g6mWo-nglvtc9ufqBRY4-VPJtp9cE7KZDnzkrikGU_GKJyqLlIleUQ8W6wC6GCPu6Re_PBO4DtDkp4P_dC5xTO6mXRzFgnUW_ahVgD1fcp4sSG-nhe2SxPwixHN9Xvfm1WMYPPg4Y_VODMWl4lX6WtHyDEfmC_LGGh519PAbVdZLt1pBTABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIgtrD24i-gQMVSnLTCh3Ahg7HEAEYASAAEgKPevD_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE%2526sig%253DAOD64_36Tr3fA7ztO0n6_BkQWQgimCM6sQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DIpIw-xo1KrBM4NDs0sXeJTtrX3k_D_jlCGnoZzfyq6k-_53AEM_t_n6gTpBP8ZhOQP4sm9HSfhs7ccjH69JrJOuJqmtP7iUcpdmHkLw4LcglIhCxlecsxQnifB0x_09-weIL_c9cMBbhMsdMgnmaEsSHllA%2526cry%253D1%2526dbm_d%253DAKAmf-AYo3hY9DZaHxMfH3kNunOSA0dJNDjXdCG58kGEFzfmjhHCLFF6KKdz9u4ipge14A5rvwhFOlSAsnftInqgD03HIAvmK0DNQPjVrNrw3WISwQsU0HlYyCIQZyv3b52yLoEc7F2atOLW3RA2BhXsAfNXjAwQjv7a8sskAh_op81Z_pb65zU8j4jE7PSQwusGxAvcc3gZn0tVntBjrL30tl3tUA95btPJvjxyzvnPkLsojYB7qpvXjcsqoLoGqPtKs_4WsJrGpxxuJqqEWwuXMqXUsIuJ1Hw59Rb1vt2g8cuCIt1cTGWCYa9fBHxA8B_b4uFLtAUFPjvLBYlK29w0NGe-neLd5Mh-sT2R7361HbOwY5Wq3CDCj2ecESVNNjjSq7_4P1AGryx36ByJmvneJpO4Vti7KX87ijFczIlu-UODe8Xcme7jwuwFc3_29OdwYeiA8w2rCqS3K3V9lirPQLbZ7cunvqdB3W8TIvCboovMM06K6YLAYJ-8Z1zcwdl77M0zyPblJvopRBTxtq5aS1ybyvujqMQMbr_Y4xI4JDiaAIh5vqGf_LjpINPE-iWKYlgls5nKnJ_jjo-sfOG9a6DluETIXcyTekPS6PzDcLXAqcO982UZUCX7QW2yrKjeuGEKrLTv%2526adurl%253D&y=1&s=&z=0
Frame ID: 47886334691C6AF77E4F891D9190A83A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNVj9_5pT3MkDbhguyrgQt_uFsRlPNrb3hWikNYrWbtvCnHuEksURZwL2RLdPnPLbe4XZb-wjK52_K3euWF4vqUhiFnIgg
Frame ID: 70A333DA9EDB351E5DDD826D8822DAE2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

威力彩衝9.2億!6面相天生帶財 中獎機率最高 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

490
Requests

68 %
HTTPS

0 %
IPv6

82
Domains

143
Subdomains

74
IPs

11
Countries

5360 kB
Transfer

18851 kB
Size

68
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 134
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3Df5d4492b-89e6-47f5-972d-deb5ce48bbb2%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=f5d4492b-89e6-47f5-972d-deb5ce48bbb2&p_id=23
Request Chain 135
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=f5d4492b-89e6-47f5-972d-deb5ce48bbb2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=f5d4492b-89e6-47f5-972d-deb5ce48bbb2&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-v1QDExtPj0-svn5TKk7Dr5OWa2q6WuzpHqoNCA&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=ff8274a0-150a-40f3-8007-83e33490fdf2&p_id=15
Request Chain 141
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LMUHT0ZK-21-IWAD&gdpr=0
Request Chain 142
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5249776766648800446
Request Chain 143
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=94c5c95aa1636b5f23071f9a4f39010&gdpr_consent=&gdpr=0
Request Chain 145
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiryOMmmFDojAcC87-3dW2MfurL8G2HLIng
Request Chain 146
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=8624674787662534251
Request Chain 148
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iMZTQ9yKvY6bqMgz0PtdWq2BIwWDaklcDLCGJIVQVK4
Request Chain 149
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0UyMEZFMTEtNTMzOS00MkZGLTg1MkQtRDFBREFCNTVFNzAz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=3E20FE11-5339-42FF-852D-D1ADAB55E703
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFS_NiRI5IU3qeeAC6zVXiQ&google_cver=1
Request Chain 151
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-24DwbuZE2uEEVLhD_rTkiij9CjiNz0d6rZUMFFc-~A
Request Chain 153
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
Request Chain 154
  • https://ad.mox.tv/delivery/sync?userid=XxcILVs5nxfjoc5qhO4ztnylW-u6ZZfIkxh5c94nKOg&p_id=5 HTTP 301
  • https://ad.mox.tv/delivery/v2/sync?userid=XxcILVs5nxfjoc5qhO4ztnylW-u6ZZfIkxh5c94nKOg&p_id=5
Request Chain 166
  • https://pr-bh.ybp.yahoo.com/sync/taboola/e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-olSEoiRE2oTAfa53XCEWNtOv2WRmCDTTQ6.rzQ--~A
Request Chain 169
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 170
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/b70908e9-76aa-3428-ad37-ff692c54945e?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-cLyhUNxE2oXEzWmin0jgkzpVzDGWwtwcaVi4CQM-~A&redirect=
Request Chain 186
  • https://pr-bh.ybp.yahoo.com/sync/taboola/e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-olSEoiRE2oTAfa53XCEWNtOv2WRmCDTTQ6.rzQ--~A
Request Chain 200
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMUHT0YQ-14-JN4K HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMUHT0YQ-14-JN4K
Request Chain 220
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=U0QSC71sQLKHOYSm_yhgBw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=U0QSC71sQLKHOYSm_yhgBw
Request Chain 221
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4MjcwMjAwN2YwNjk2MGRhMDI4ZGYzMGM5MWMzOWQ2NzhlMzdiNQ
Request Chain 222
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=odRW-ReFQtG0OKh5G2tdww&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=odRW-ReFQtG0OKh5G2tdww
Request Chain 223
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMUHT0YQ-14-JN4K
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDc5uY-tDJncnrBCLx-_mAM&google_cver=1
Request Chain 226
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/T_ZUT7dJDnIYvU1tIuSNWcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2oH1vU1E2oL.Ae.6KvD5vN3f1QBffhDD238xPQ--~A
Request Chain 227
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1VSFQwWVEtMTQtSk40Sw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAmqa6Jxb_BmYElmbOQ2y9o&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1VSFQwWVEtMTQtSk40Sw==&google_push=
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECZMdAPAshDj1NaxEinNN8&google_cver=1
Request Chain 273
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQ10RwH-77UT8s5xuzaBIAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECZMdAPAshDj1NaxEinNN8&google_cver=1
Request Chain 313
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEI2SuHgQHuJgkAUnNGN_85M&google_cver=1&google_push=AXcoOmRBm1GTypbuE_uUQK76Ufhbg5pnTyfh0Uxy4BJoyUKbOxmnULNnriOEgSt7xfM9Ll8QEyiPTcIiMvGQg6zzyBN9sMVNuuAJTQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=_830750358622_
Request Chain 314
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL6MisYTWghec4af_cCFzdY&google_cver=1&google_push=AXcoOmRkyEDUishwnbFXxx109iPHEXhZnj4JUEkH6lfUsosBbGoFgqMb2h6F3ctOllz9S3EzpSZ8EKOxblIMY_Z4D4mXsMLqoCvZ2A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRkyEDUishwnbFXxx109iPHEXhZnj4JUEkH6lfUsosBbGoFgqMb2h6F3ctOllz9S3EzpSZ8EKOxblIMY_Z4D4mXsMLqoCvZ2A&google_hm=eS1qODhYaGJkRTJwRlZqcmJhWDd5dHJxU1drOG0uRGpwVH5B
Request Chain 319
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIL5lVLdS8H-jTk29Wweres&google_cver=1&google_push=AXcoOmTDUFVgcvuXc9Ywh3UBGWwV9qqxGBnQJ8oDQcCX6-RRXMByi2vCA7SLv_nyTheUZo9qmoTtyaVgZ1rTze2fx3_7lDz0JnEKXQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTDUFVgcvuXc9Ywh3UBGWwV9qqxGBnQJ8oDQcCX6-RRXMByi2vCA7SLv_nyTheUZo9qmoTtyaVgZ1rTze2fx3_7lDz0JnEKXQ&google_hm=ODYyNDY3NDc4NzY2MjUzNDI1MQ%3D%3D
Request Chain 323
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL6MisYTWghec4af_cCFzdY&google_cver=1&google_push=AXcoOmST1-d-yY1wPeLlDlZDnsFpWisTflKx9c2QYwlJWBotgjQiFTaAKhZK9DoiYQ4jeyQPtaUNZYhLFUKHROJGqUxUlfoCR7t4uw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmST1-d-yY1wPeLlDlZDnsFpWisTflKx9c2QYwlJWBotgjQiFTaAKhZK9DoiYQ4jeyQPtaUNZYhLFUKHROJGqUxUlfoCR7t4uw&google_hm=eS1qODhYaGJkRTJwRlZqcmJhWDd5dHJxU1drOG0uRGpwVH5B
Request Chain 338
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL6MisYTWghec4af_cCFzdY&google_cver=1&google_push=AXcoOmTxYvHV2KphgZE8N1IymKzzpBR7GqELnZWQ-UY1wterTpH5pMNTSHoD8oP4vNZhhlcBq68D9UoXlYuU_4O0lXlvbYA1bjlF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTxYvHV2KphgZE8N1IymKzzpBR7GqELnZWQ-UY1wterTpH5pMNTSHoD8oP4vNZhhlcBq68D9UoXlYuU_4O0lXlvbYA1bjlF&google_hm=eS1qODhYaGJkRTJwRlZqcmJhWDd5dHJxU1drOG0uRGpwVH5B
Request Chain 342
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIL5lVLdS8H-jTk29Wweres&google_cver=1&google_push=AXcoOmR4pEnCnyw9P4fwmQqdPWD27GLPbGsE5TVzdYPbFqERnOPIdZGZfovqXzE7lcKK2v9hz4QVz_GtzyCUCJeVFKmbCOhQXMf1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR4pEnCnyw9P4fwmQqdPWD27GLPbGsE5TVzdYPbFqERnOPIdZGZfovqXzE7lcKK2v9hz4QVz_GtzyCUCJeVFKmbCOhQXMf1&google_hm=ODYyNDY3NDc4NzY2MjUzNDI1MQ%3D%3D
Request Chain 357
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQ10RwH_77UT8s5xuzaBIAAACIMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBJ50DDV3ixxS9Suyjb0vCY&google_cver=1
Request Chain 360
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5249776766648800446
Request Chain 363
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3950746303987600696
Request Chain 364
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=76D3EF1CEA0F483281FEE6027BABC5FA
Request Chain 407
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LlVr0YwrZ0rlGh3oHj4kHltnPyr8c5iopJZ3cX3vtn0
Request Chain 413
  • https://onetag-sys.com/usync/?tag=img HTTP 302
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=ff8274a0-150a-40f3-8007-83e33490fdf2&google_hm=ZmY4Mjc0YTAtMTUwYS00MGYzLTgwMDctODNlMzM0OTBmZGYy HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEF04e4tHm1l_5sZdtoEIlyo&google_cver=1&ssp=onetag&bsw_param=ff8274a0-150a-40f3-8007-83e33490fdf2 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=ff8274a0-150a-40f3-8007-83e33490fdf2&gdpr=&gdpr_consent=&us_privacy=
Request Chain 441
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/f9b6d94ac771c4d83119e0641958f8?gdpr_consent=&gdpr=0
Request Chain 471
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEFiwK2s7aioLWVyrM_IO734&google_cver=1
Request Chain 472
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBPjMgUHcE1nqrcDkDXlLMc&google_cver=1

490 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
www.bg3.co/a/ 		57 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
97819864a35fc3f3765cace495b83b7383da3b87eb3074661cfe7abc49397e67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 22 Sep 2023 11:02:27 GMT
etag
"e231-/YcXBfdVloJN8hDLyOSw9TbufrA"
expires
Fri, 22 Sep 2023 11:03:27 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 11:02:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73017
x-xss-protection
0
server
sffe
etag
"1fbcd51b50b3cf51"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Sep 2023 11:02:28 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
30bdf82816190e65c8c6c0fd833cc4f21dd641eb6311a467d2ba48c84882d400
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Sep 2023 11:02:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9641
x-xss-protection
0
server
sffe
etag
"c9c47f39b31037df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Sep 2023 11:02:28 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b4cb144b5dc8b9428834dc5060fbd1e8eb122af716c730c3d0751a7bf191e079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29395
x-xss-protection
0
server
cafe
etag
753 / 19622 / m202309180101 / config-hash: 17275398374163876192
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:28 GMT
js
www.googletagmanager.com/gtag/ 		265 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
15f0ee70ff5fea7e04f655ab759e3a149103dd3d8ad0b896f19839e059af7fd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91153
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Sep 2023 11:02:28 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Sep 2023 16:10:40 GMT
server
cloudflare
age
31528
etag
W/"650c6b00-a067"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80aa0e4d2b97b7c0-AMS
expires
Fri, 22 Sep 2023 14:17:00 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5415
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LY72dppoODschaxYrS%2FqlsiUEe1jQ4bvvju6ufjaKZf4Zg%2BoXNvATHVIcBmmHBoGkmIbVktHUEjCTVxK5KPEtKlTISE%2FYXiVWsN7u50pbrNezk6YgpleDAGeI9Xiz7joxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
80aa0e526a471c7d-AMS

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
e5418455c8aeb00641fe667756925987132c1054275a3d2065399105691fb277

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 22 Sep 2023 11:02:28 GMT
content-encoding
br
age
10809
x-cache
HIT
x-client-device
desktop
content-length
10032
x-ap-device
DESKTOP
last-modified
Fri, 22 Sep 2023 07:00:48 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Fri, 22 Sep 2023 12:02:28 GMT
adpushup.js
cdn.adpushup.com/42753/ 		680 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F2) /
Resource Hash
785c563d051c6b061a0304c95e5b18594de61c5a995b63a40c2dcee46c3946a2

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 22 Sep 2023 11:02:28 GMT
content-encoding
br
age
10809
x-cache
HIT
x-client-device
desktop
content-length
145165
x-ap-device
DESKTOP
last-modified
Wed, 20 Sep 2023 15:35:30 GMT
server
ECAcc (ama/48F2)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Fri, 22 Sep 2023 12:02:28 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		563 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bad67210ab571506d1f0826235b9097d7a7e9c7ff709b495f1dd378429d05ca4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
4x0Q5zGRPep6Lm1xQ5_zJwb1K3F40dRP
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:28 GMT
x-amz-request-id
KEMVJ8VEFV2MP9SW
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-from-cache
1
x-envoy-upstream-service-time
12
x-amz-replication-status
FAILED
content-length
55665
x-amz-id-2
Smy7X6PBylt6QVce8TnO3F1/S2qrT7mUgo7pszvlisomxIcFPr6nsEMIhEbAes806kTJ4pex3ik=
x-served-by
cache-ams21043-AMS
last-modified
Fri, 22 Sep 2023 05:43:33 UTC
server
nginx
x-timer
S1695380549.677729,VS0,VE20
etag
"69e4b37efaacb8f5ecbce880ad0ccde058920771"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
30
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
t.php
c.statcounter.com/ 		192 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=F29D9D988C384F28DA1AE154EAC4D4B7&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&t=%E5%A8%81%E5%8A%9B%E5%BD%A9%E8%A1%9D9.2%E5%84%84%EF%BC%816%E9%9D%A2%E7%9B%B8%E5%A4%A9%E7%94%9F%E5%B8%B6%E8%B2%A1%20%E4%B8%AD%E7%8D%8E%E6%A9%9F%E7%8E%87%E6%9C%80%E9%AB%98%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2353&sc_rum_e_e=2368&sc_rum_f_s=0&sc_rum_f_e=2342&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.219.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
80aa0e4dec46b7c0-AMS
expires
Mon, 26 Jul 1997 05:00:00 GMT
impl.20230920-27-RELEASE.js
cdn.taboola.com/libtrc/ 		810 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5c413de57e629fbba188d440b4d7e5f2e4458ce3be46973223d8b44caf071f52

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zyLQ67xZDBHOV7mI9yJbpTLPWcErwN.D
content-encoding
br
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:28 GMT
x-amz-request-id
C7BSYKW7J8C4EB7Q
age
20439
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171478
x-amz-id-2
epVZ9lBOZdPaNVpJpkU+N8TUtVVx0+GvGV5Mdt648TRy2yjW4kDE+ASPqkLs066oBURxJgAXC2U=
x-served-by
cache-ams21043-AMS
last-modified
Wed, 20 Sep 2023 13:21:49 GMT
server
AmazonS3-br
x-timer
S1695380549.867907,VS0,VE0
etag
"d21d0fc11919906291c7af244ef87480"
vary
Accept-Encoding
content-type
application/javascript
abp
80
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
15894
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
578345
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-ams21038-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1695380549.334093,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
9, 2576
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
142449
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-ams21038-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1695380549.334058,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4, 78144
sync
gum.criteo.com/ 		46 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
283822
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		73 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=13%3A02%3A29.005&lti=deflated&data=%7B%22id%22%3A629%2C%22ii%22%3A%22%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1695217899936%2C%22vi%22%3A1695380548999%2C%22cv%22%3A%2220230920-27-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html%22%2C%22vpi%22%3A%22%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3481%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2107.9375%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3fa551304be181c83a94bf8e17758598db3168a18c206e39f82b8658d10288ea

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
454
date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.1583333333333334
x-fastly-to-nlb-rtt
61227
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-ams21043-AMS
x-log-content-encoding
gzip
server
nginx
x-timer
S1695380549.031349,VS0,VE454
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je39k0&_p=1180631796&cid=1067824878.1695380549&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695380549&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=%E5%A8%81%E5%8A%9B%E5%BD%A9%E8%A1%9D9.2%E5%84%84%EF%BC%816%E9%9D%A2%E7%9B%B8%E5%A4%A9%E7%94%9F%E5%B8%B6%E8%B2%A1%20%E4%B8%AD%E7%8D%8E%E6%A9%9F%E7%8E%87%E6%9C%80%E9%AB%98%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/ 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 08:13:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
10125
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131891
x-xss-protection
0
server
cafe
etag
12284941131365068139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 21 Sep 2024 08:13:44 GMT
0ec16193fbf94e8f04b4c82e83fe112c.jpg
static.bg3.co/imgs/202309/ 		0
0
30b40a8f653b1ad5a251d180e17ec544.jpg
static.bg3.co/imgs/202107/ 		0
0
d48c5706dc22f4af94e4fd215fa21d92.jpg
static.bg3.co/imgs/202107/ 		0
0
6867bbacaa6c840c0d4c2649cb566a17.jpg
static.bg3.co/imgs/202108/ 		0
0
82b8803da32e713a2191163eb823431d.jpg
static.bg3.co/imgs/202107/ 		0
0
6c1106bcfef9eaf08958b1901bef9b63.jpg
static.bg3.co/imgs/202107/ 		0
0
98543eb6deb01daae0e8f68c29eedd39.jpg
static.bg3.co/imgs/202107/ 		0
0
d2f763da9b212222ca279e8a2e9f5745.jpg
static.bg3.co/imgs/202309/ 		0
0
987d57254a7189384754d7e90a99bc92.jpg
static.bg3.co/imgs/202106/ 		0
0
e38fca65b55b2af8101db3e9a088bf3a.jpg
static.bg3.co/imgs/202309/ 		0
0
161e84cf02985bf705610a82440aeb39.jpg
static.bg3.co/imgs/202107/ 		0
0
467cb227b609d35f616ca8dbc1490b5a.jpg
static.bg3.co/imgs/202309/ 		0
0
3c5692996bc4b25f3fb783e706628fe1.jpg
static.bg3.co/imgs/202106/ 		0
0
1dfc46b2c93eedd5dab80a0bba0d7317.jpg
static.bg3.co/imgs/202105/ 		0
0
9a38b103e68cb48adfe08253963c5fb9.jpg
static.bg3.co/imgs/202309/ 		0
0
9718aa940447578490a9e60aa15438e0.jpg
static.bg3.co/imgs/202309/ 		0
0
e9fa4e55a3ac61829abf2f738f4b61cf.jpg
static.bg3.co/imgs/202106/ 		0
0
06499bfc1146ff431d2c18123b55aa06.jpg
static.bg3.co/imgs/202107/ 		0
0
f38a80bdf234993b48524005c11366be.jpg
static.bg3.co/imgs/202309/ 		0
0
3631166877745cc343f00038b60dfc78.jpg
static.bg3.co/imgs/202108/ 		0
0
96ebb50427060984d741e3241f3ccc55.jpg
static.bg3.co/imgs/202105/ 		0
0
f5d9eb8369f7b35f1e0aa4898a6943d6.jpg
static.bg3.co/imgs/202107/ 		0
0
bef354950e1169291832e2752c6adcad.jpg
static.bg3.co/imgs/202105/ 		0
0
08161d67507223938c2653ef805921c6.jpg
static.bg3.co/imgs/202105/ 		0
0
3081b722d7128b221cd95fbc0b10d9f0.jpg
static.bg3.co/imgs/202309/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012309082229000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309082229000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
620ffdaa666bbf15e58038ef061ba78acbf5729c714fa3e991c025089009c23c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 19:01:43 GMT
age
230446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"a25d3dc3efab77a0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 19:01:43 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012309082229000/v0/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309082229000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
94d24d38cbc44ff8e2821d5172b11409ce6c6c0485fd3a3c2ea56c679a6aaa61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 19:01:43 GMT
age
230446
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3934
x-xss-protection
0
server
sffe
etag
"178fe5d904a50e55"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 19:01:43 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2441781182541192&correlator=237027779402486&eid=31078025&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695380549251&lmt=1695373349&adxs=220&adys=454&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1067824878.1695380549&ga_sid=1695380549&ga_hid=1180631796&ga_fc=true&dlt=1695380548467&idt=755&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a6f58e53ac6db14f1a025b5c5cb8b0d854642f298d67febd59f980f0836b55dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12511
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AE6B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 11:02:29 GMT
expires
Sat, 21 Sep 2024 11:02:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame EDBC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs3uO8HoOjNkgpP-4PF9lzMJVVlRjfLN__MMBzcP399837X-0f7dwZC1k17pTX2IqYnB3JYVvWxdEZ7uljxnL6OgEXRWKjiJVhTgK3y0DhxSPriDWU3Cu-MjWZWYF-SN8K6X1XUErbc_aUGussejcmxpJfqLjjCaNHRF09rKvCtV1xQrUMH-yIHGFWpywVIRkrW5Khi8fHsi6qLkpG0IgQmz2yZPqs99wAWDtl-yKFo5RbaXiAqkTL4lCLBOJhOWOgBI2a_oze_j1mWETyxc1_SsMfdLl2tnBtaCV5BZ7X29gecVUObXeenTfiMvy5ZqLlxA&sai=AMfl-YQFr9LWJ7KNggcPCxavCDJIEXrEO_mKhMb3eFfnqxlzllj23IFm77BCIM2HR_0XdaMfo-dPb5di6KDDKVBJjybQ5s_zYAh9xjO8lsF77fYoZnEvV57__Z56uAjlX_TBuXdwCzh6ThffvUXdDx1I&sig=Cg0ArKJSzCGsUNfCzhCEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Sep 2023 11:02:29 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 22 Sep 2023 12:02:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EDBC 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:32 GMT
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CC) /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
br
age
675086
x-cache
HIT
x-client-device
desktop
content-length
122286
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
ECAcc (ama/48CC)
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 11:02:29 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48CB) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
br
age
3643371
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (ama/48CB)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 11:02:29 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AA) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
br
age
675086
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (ama/48AA)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 11:02:29 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTUzODA1NDk0NjYsInBhY2tldElkIjoiMDAwMEE3MDEtOGUyOTg4MzMtYTRhYi00MWNmLWE3ZDktNzA3MDhjMjcyZDMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dlaS1saS1jYWktY2hvbmctOS0yeWktNm1pYW4teGlhbmctdGlhbi1zaGVuZy1kYWktY2FpLXpob25nLWppYW5nLWppLWx1LXp1aS1nYW8uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3063.7999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTUzODA1NDk1NzgsInBhY2tldElkIjoiMDAwMEE3MDEtOGUyOTg4MzMtYTRhYi00MWNmLWE3ZDktNzA3MDhjMjcyZDMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dlaS1saS1jYWktY2hvbmctOS0yeWktNm1pYW4teGlhbmctdGlhbi1zaGVuZy1kYWktY2FpLXpob25nLWppYW5nLWppLWx1LXp1aS1nYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3175.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTUzODA1NDk1ODQsInBhY2tldElkIjoiMDAwMEE3MDEtOGUyOTg4MzMtYTRhYi00MWNmLWE3ZDktNzA3MDhjMjcyZDMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dlaS1saS1jYWktY2hvbmctOS0yeWktNm1pYW4teGlhbmctdGlhbi1zaGVuZy1kYWktY2FpLXpob25nLWppYW5nLWppLWx1LXp1aS1nYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3181.599998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTUzODA1NDk1ODgsInBhY2tldElkIjoiMDAwMEE3MDEtOGUyOTg4MzMtYTRhYi00MWNmLWE3ZDktNzA3MDhjMjcyZDMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dlaS1saS1jYWktY2hvbmctOS0yeWktNm1pYW4teGlhbmctdGlhbi1zaGVuZy1kYWktY2FpLXpob25nLWppYW5nLWppLWx1LXp1aS1nYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI4NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF8zMzZYMjgwXzg2MWUwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M18zMzZYMjgwXzg2MWUwZjVlLTE0ZjAtNGZlMC1iMWY2LTM1YTI4ZjMzZDIyOCIsInNlcnZpY2VzIjpbNV0sImFkVW5pdFR5cGUiOjh9XSwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3184.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		931 B
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2441781182541192&correlator=3107281182447634&eid=31078025&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&arp=1&abxe=1&dt=1695380549595&lmt=1695373349&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1067824878.1695380549&ga_sid=1695380549&ga_hid=1180631796&ga_fc=true&dlt=1695380548467&idt=755&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_4_0_pv%26cluster_reporting%3Dchrome_DESKTOP_4_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv6_c&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
3d4b63edc4bbac0ba5e3b9361d54dda00ccd5900975cf6f216beb438f59985c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
445
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
4a3f733fef7fef6fa38e1fbdebc344c91949dae96eeed5cc5d10c4e024b5339f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 12:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
80670
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13596
x-xss-protection
0
server
cafe
etag
6741345839911793024
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 20 Sep 2024 12:37:59 GMT
floating-unit.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74cff7bc2632d11ec87acda8874c2fd0372cfb64fa857dd1e30a7c4c2801e178

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6Dy6N1Fl7MAjLo6j8V.QZT6EPBt_9bB7
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:29 GMT
x-amz-request-id
SMMD8RK38D2V5VH1
age
59754
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
YThzIUQ/e5gWIas5HzOUGNYCOLrPA4GQTAPYx7KpoNzhhsxCDE4Pt0BiaehbKTXuJIEOYKjhfy8=
x-served-by
cache-ams21043-AMS
last-modified
Thu, 21 Sep 2023 18:26:36 GMT
server
AmazonS3
x-timer
S1695380550.626031,VS0,VE0
etag
"a0ef1e98322146514277b00d3afd92f4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
81
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2534
taboola-vignette-new-scanning.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a697f509eadb62f8477552564e5e8249b4b4b0550bdde73024c9dde02c285c3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
69NLlak.H.rkyw20Wtx8.DbQPrcYfBRM
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:29 GMT
x-amz-request-id
2F81PX34NXBVP0PB
age
59735
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8020
x-amz-id-2
7if96xjNUG0sVd5a8hIotRkXOYr9GtFUPSe1zUOC+oBSJmKSXmb1k3QGVOkrb8lFtmuFTUU0l5Y=
x-served-by
cache-ams21043-AMS
last-modified
Thu, 21 Sep 2023 18:26:54 GMT
server
AmazonS3
x-timer
S1695380550.626027,VS0,VE0
etag
"3f6c2208c05214db78373766a4f9b69a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
53
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1165
distance-from-article.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc7692cec5b5fb398b7cb99760f39071969c674103018e07221fbb0046227ce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_vylvxIgRNFxtk4252Q6B0nOlozVHAe0
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:29 GMT
x-amz-request-id
E88R2JZ5WCF9WQ2Y
age
59763
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
mlFnNZxuJlXHHGZM2VdBe4dra2EQ3oCaPkq6Dcdnv1kVvOhXNrwMUWM2AuhfYjCz0Nu61K9Ak8s=
x-served-by
cache-ams21043-AMS
last-modified
Thu, 21 Sep 2023 18:26:26 GMT
server
AmazonS3
x-timer
S1695380550.657050,VS0,VE0
etag
"5362edb5947d6818277e58444aa13c42"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
24505
article-detection.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecedae9d9bd8da80442389273ce409f31a27829736bbc659b5aa9d5fd1089495

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nOALXInSDzP4j48l5JCozsCA2mpiAk8J
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:29 GMT
x-amz-request-id
MSSQVWFV9JQ66NJT
age
59770
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1293
x-amz-id-2
OwfVBQxRTRYWdjWrsDVDn9TOuY4Dx+30JdFXJ6wiJXNGFQJs64HIb8NqCSt8rRkfMjRxLCNzMAI=
x-served-by
cache-ams21043-AMS
last-modified
Thu, 21 Sep 2023 18:26:19 GMT
server
AmazonS3
x-timer
S1695380550.657049,VS0,VE0
etag
"68d9b1749f8cf3b949b9a0d0afb3d085"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
24529
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.2/ 		128 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
711bcd85a0aa2b5fe66c4646a822a776ed0f2f2aab66b580b6097ae23f0fa4b9

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 8dea89f951a7387e4ebbfe70f982f4a4.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
AMS1-P3
age
177614
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
36690
x-served-by
cache-ams21053-AMS
last-modified
Wed, 20 Sep 2023 09:41:17 GMT
server
AmazonS3
x-timer
S1695380550.785518,VS0,VE0
etag
"8c07dc1387317cc2c5ba16f4a2a5bd0d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
CDkfqpQ7_TOtCYxCZs253wid64t-ekoimBslCNFQ0_17UMoKJXJLvg==
x-cache-hits
3444
feed-card-placeholder.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92d97991ec6e9a526f12410ab0994c15fbfc2a6aece69330c8cdcb59563d6250

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
q5XLw2kuu3ON1iWol8eCby7dCcfawT6j
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:29 GMT
x-amz-request-id
FM1D74MN7KM6VK4N
age
59759
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
03fxIqEIMdtELZl478fe8kdV/oISKmkBQ0BI2cbBmkmFT3ItF5T5HFoTNp6r8LTM515Sftje/C4=
x-served-by
cache-ams21043-AMS
last-modified
Thu, 21 Sep 2023 18:26:31 GMT
server
AmazonS3
x-timer
S1695380550.656977,VS0,VE0
etag
"559218901185e02ee46d99953dcc0c58"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
20546
userx.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
989b69cc4a7a74df2bb81583b9bba4187bba1408e28e77adf771d7a9102bc9e2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Q8DjN9j2BVCIVvB4jZ8SJ3JvQjWrTqDa
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:29 GMT
x-amz-request-id
PK861RNBM6HKY6E8
age
59732
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
gO8Ird4S83Q/alUqekvdcGvIDOVuR1Yz8ypcF+iyMsVMy15SqxGL4Jt6xSarcPZN0w1LBNozUXI=
x-served-by
cache-ams21043-AMS
last-modified
Thu, 21 Sep 2023 18:26:58 GMT
server
AmazonS3
x-timer
S1695380550.677660,VS0,VE0
etag
"ec3505ddb7b37d1ce4641b0edef9e116"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
64
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3873
explore-more.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
014d98184c6d1852e7b771a5c28fe6cf6da165532a6c559785e58d03f5c200e3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
HUE8u4RtXSaF3zEuwOnxPjGCslmeh41k
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:29 GMT
x-amz-request-id
V8H77TK5XG8KG2JF
age
59761
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7707
x-amz-id-2
Bip6KUphTKlMUtaIPa+9is+D2CHAY6vTX5qfObGc4scv7OzbcsowTBGK5Yswz9avzYw4xWxQrQE=
x-served-by
cache-ams21043-AMS
last-modified
Thu, 21 Sep 2023 18:26:29 GMT
server
AmazonS3
x-timer
S1695380550.677635,VS0,VE0
etag
"2b2983fa3a082ecd8f84834c9bb032c9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
19
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9632
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=12261&lti=deflated&ri=67503558a8de508bd84389d9d528d878&sd=v2_bb55dd1aa7552356804345cee151ec62_e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5_1695380549_1695380549_CNawjgYQ2YJdGIfbuOSrMSABKAEwKziy0A1AzYgQSI6a2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&pi=/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&wi=-3736247662337270422&pt=text&vi=1695380548999&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=13%3A02%3A29.614&id=4983&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=12261&lti=deflated&ri=67503558a8de508bd84389d9d528d878&sd=v2_bb55dd1aa7552356804345cee151ec62_e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5_1695380549_1695380549_CNawjgYQ2YJdGIfbuOSrMSABKAEwKziy0A1AzYgQSI6a2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&pi=/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&wi=-3736247662337270422&pt=text&vi=1695380548999&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1695380549615%7D&tim=13%3A02%3A29.615&id=1320&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=12261&lti=deflated&ri=67503558a8de508bd84389d9d528d878&sd=v2_bb55dd1aa7552356804345cee151ec62_e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5_1695380549_1695380549_CNawjgYQ2YJdGIfbuOSrMSABKAEwKziy0A1AzYgQSI6a2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&pi=/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&wi=-3736247662337270422&pt=text&vi=1695380548999&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1695380549624%7D&tim=13%3A02%3A29.625&id=2515&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=12261&lti=deflated&ri=67503558a8de508bd84389d9d528d878&sd=v2_bb55dd1aa7552356804345cee151ec62_e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5_1695380549_1695380549_CNawjgYQ2YJdGIfbuOSrMSABKAEwKziy0A1AzYgQSI6a2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&pi=/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&wi=-3736247662337270422&pt=text&vi=1695380548999&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A02%3A29.654&id=2980&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A29.657&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=5412&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67249
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A29.658&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=1833&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67249
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A29.662&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=2789&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67249
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A29.663&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5442&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67249
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A29.667&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4889&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67249
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:29 GMT
x-amz-request-id
TZRV815EMAFY1JBF
age
30
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
v5SDmim5AHD1xUYx+tpwQ3ehER8nJJjDtZKSR7zLZUfaHgPhMWhJVk4BNKiXJLg3LG/QSQSHEMY=
x-served-by
cache-ams21043-AMS
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1695380550.685509,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
62
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
14
block.jpg
delivery.adrecover.com/ 		631 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1695380549687
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 21 Sep 2024 11:02:29 GMT
date
Fri, 22 Sep 2023 11:02:29 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
3110225
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTUzODA1NDk1NzgsInBhY2tldElkIjoiMDAwMEE3MDEtOGUyOTg4MzMtYTRhYi00MWNmLWE3ZDktNzA3MDhjMjcyZDMyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3dlaS1saS1jYWktY2hvbmctOS0yeWktNm1pYW4teGlhbmctdGlhbi1zaGVuZy1kYWktY2FpLXpob25nLWppYW5nLWppLWx1LXp1aS1nYW8uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3286.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3b81ea77193cef7e60595347b4c11fd4528cec7133075aba100d37f5ce9c5cf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
545
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_720%2Cw_960%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
154889
edge-cache-tag
356686445197087509435470419559440289029,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, MISS
x-envoy-upstream-service-time
402
req-referer
https://www.bg3.co/
content-length
108920
x-request-id
466c78ae91881447ca566e41c3d38d10
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000098-IAD, cache-iad-kjyo7100121-IAD, cache-iad-kiad7000034-IAD, cache-ams21043-AMS
last-modified
Sun, 10 Sep 2023 20:32:02 GMT
server
nginx
surrogate-reporting
width=1194,height=896,bytes=179786,owidth=1344,oheight=896,obytes=2099614
x-timer
S1695380550.734468,VS0,VE545
etag
"e00df394c71531c4b5ea0c7f18e73922"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 0
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a8a347e67412b43a5f7b1f5dd68e82101655949c78da94255ae1708e5ff38819

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
2074425
edge-cache-tag
356686445197087509435470419559440289029,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
276
expiration
expiry-date="Mon, 11 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gazzetta.it/
content-length
83890
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200035-IAD, cache-iad-kiad7000042-IAD, cache-iad-kcgs7200070-IAD, cache-ams21043-AMS
last-modified
Fri, 11 Aug 2023 15:43:40 GMT
server
nginx
x-timer
S1695380550.734499,VS0,VE1
etag
"81f305b7f9c27554fb01203c3e1001ff"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 34, 1
49a65433a0e00aa6375452e026770fa8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a65433a0e00aa6375452e026770fa8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b02dcc8bd959fe51fe0a1fc45f404f8625615f6c0af6e773d74a69bc5efe59b2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a65433a0e00aa6375452e026770fa8.jpg
age
2997816
edge-cache-tag
301222070070333916538293516185212795574,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
301222070070333916538293516185212795574,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
205
expiration
expiry-date="Wed, 30 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://coinchapter.com/
content-length
15846
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200167-IAD, cache-iad-kcgs7200167-IAD, cache-sna10720-LGB, cache-iad-kcgs7200124-IAD, cache-ams21043-AMS
last-modified
Sun, 30 Jul 2023 10:04:53 GMT
server
nginx
x-timer
S1695380550.734444,VS0,VE1
etag
"29b44a453c455f5dcd8e23a9ea663c1e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 24, 1, 16, 1
d183cea80071ab12d66f3656a3cb8e9f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d183cea80071ab12d66f3656a3cb8e9f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
01706ab04c44c3dd1786171206106215c5941ae74c43ab28c3843ad935f06839

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d183cea80071ab12d66f3656a3cb8e9f.jpg
age
2141680
edge-cache-tag
619512232700570597583241391338254649241,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
619512232700570597583241391338254649241,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
144
expiration
expiry-date="Mon, 18 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.all-in.de/
content-length
24038
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kjyo7100152-IAD, cache-iad-kcgs7200149-IAD, cache-ams21043-AMS
last-modified
Fri, 18 Aug 2023 20:22:31 GMT
server
nginx
x-timer
S1695380550.816068,VS0,VE5
etag
"94a433d28851deeaa77875677ec36e1f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 264, 1
9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5297acd1bdcaee4b9e3ef707070bc668c22d42da34e611f0e681f085248cc1d1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
age
845355
edge-cache-tag
565218022308872277084972768976654244803,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
565218022308872277084972768976654244803,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
238
expiration
expiry-date="Sat, 16 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fcinter1908.it/
content-length
58406
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100056-IAD, cache-iad-kjyo7100056-IAD, cache-sna10745-LGB, cache-iad-kcgs7200121-IAD, cache-ams21043-AMS
last-modified
Wed, 16 Aug 2023 11:05:12 GMT
server
nginx
surrogate-reporting
width=1440,height=720,owidth=1440,oheight=1080,obytes=396228
x-timer
S1695380550.842205,VS0,VE4
etag
"571ef71e2d774645ad816a47d024db90"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 9, 1
86e7a659-2242-4e17-aa3b-796bf72645e5__45IyNjn1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/86e7a659-2242-4e17-aa3b-796bf72645e5__45IyNjn1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba37c2757fd3663d832c6076d5e517c7616f576c2d21cc38c971d7db2cb26fe0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/86e7a659-2242-4e17-aa3b-796bf72645e5__45IyNjn1.jpg
age
3177199
edge-cache-tag
518864970397881008504115314976597267970,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
518864970397881008504115314976597267970,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
68
req-referer
https://www.gazzetta.it/
content-length
9734
x-request-id
d6564bca042522c419ce3ca5b58320fb
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200093-IAD, cache-iad-kiad7000058-IAD, cache-iad-kiad7000115-IAD, cache-ams21043-AMS
last-modified
Wed, 16 Aug 2023 14:58:05 GMT
server
nginx
x-timer
S1695380550.900317,VS0,VE1
etag
"8a3badc7d59f4777ce98ac58b9241a60"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 15, 1
charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1cc28d0a176f35b35fa18e9aa2e30a1f7e748abf0860edc1b12c7bcf7ab6f6ba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/charlene-von-monaco-imago1012358221h%2Cid%3D0e0a28a1%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D5.80%2C17.42%2C95.80%2C93.39%2Crm%3Dsk.jpeg
age
1922199
edge-cache-tag
427087311953370252403554451481363684918,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
427087311953370252403554451481363684918,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
626
req-referer
https://www.t-online.de/
content-length
4382
x-request-id
2da81ebd420f54cab5193551e73c46dc
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000162-IAD, cache-iad-kcgs7200084-IAD, cache-sna10731-LGB, cache-iad-kiad7000060-IAD, cache-ams21043-AMS
last-modified
Sun, 20 Aug 2023 23:28:38 GMT
server
nginx
x-timer
S1695380550.921751,VS0,VE2
etag
"1e15d59b9d245cc44814aec23b4c519c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 386, 1
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
2060982
edge-cache-tag
356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
274
expiration
expiry-date="Thu, 14 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.sueddeutsche.de/
content-length
94302
x-backend-name
US_nlb104
x-served-by
cache-iad-kjyo7100128-IAD, cache-iad-kjyo7100157-IAD, cache-iad-kjyo7100132-IAD, cache-ams21043-AMS
last-modified
Mon, 14 Aug 2023 17:13:56 GMT
server
nginx
x-timer
S1695380550.931149,VS0,VE2
etag
"78af0e2d92f1d0853f93e08bf0474e82"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 76, 1
9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
01bb7f1459cb1ca872a96ae3f39703a771b599a2690d60ae83b4f361c5c56349

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
age
1243689
edge-cache-tag
565218022308872277084972768976654244803,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
565218022308872277084972768976654244803,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
320
expiration
expiry-date="Thu, 14 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://duckswire.usatoday.com/
content-length
68200
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200082-IAD, cache-iad-kjyo7100129-IAD, cache-iad-kjyo7100124-IAD, cache-ams21043-AMS
last-modified
Mon, 14 Aug 2023 13:43:57 GMT
server
nginx
x-timer
S1695380550.989664,VS0,VE1
etag
"721e223d6a9925c980e72e76d9ca7a74"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 57, 1
49a65433a0e00aa6375452e026770fa8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a65433a0e00aa6375452e026770fa8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05417da29cf6f9b28185aea55a81c2ce947c33a45c082a3a126173b5a5a210c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a65433a0e00aa6375452e026770fa8.jpg
age
2997816
edge-cache-tag
301222070070333916538293516185212795574,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
301222070070333916538293516185212795574,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
234
expiration
expiry-date="Wed, 30 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://posts.careerengine.us/
content-length
45524
x-backend-name
LA_nlb201
x-served-by
cache-iad-kjyo7100166-IAD, cache-iad-kcgs7200167-IAD, cache-sna10721-LGB, cache-iad-kcgs7200136-IAD, cache-ams21043-AMS
last-modified
Sun, 30 Jul 2023 10:04:53 GMT
server
nginx
x-timer
S1695380550.013050,VS0,VE1
etag
"29b44a453c455f5dcd8e23a9ea663c1e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 43, 1
d183cea80071ab12d66f3656a3cb8e9f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d183cea80071ab12d66f3656a3cb8e9f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3becf036b93d6e639c31e56a2d9f04c48accd177987f2a36b11d3158b719d678

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d183cea80071ab12d66f3656a3cb8e9f.jpg
age
4556246
edge-cache-tag
619512232700570597583241391338254649241,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
619512232700570597583241391338254649241,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
331
expiration
expiry-date="Fri, 18 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.braunschweiger-zeitung.de/
content-length
62104
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100107-IAD, cache-iad-kjyo7100092-IAD, cache-chi-klot8100032-CHI, cache-iad-kjyo7100134-IAD, cache-ams21043-AMS
last-modified
Tue, 18 Jul 2023 07:30:08 GMT
server
nginx
x-timer
S1695380550.105974,VS0,VE1
etag
"94a433d28851deeaa77875677ec36e1f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 1, 49, 1
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 29 Sep 2023 11:02:30 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230922
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f87fe7b3c29bf69c660a53a622c8ade0ccca9c718ea2293a1d9ee01480325901
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25301
x-jsd-version
1.0.1820
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4536-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-tzOIOUzOeym8hVj0i/CPu6NGmjI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eG3A%2Fm2Xrx1UgxLsUZj5ij1sHdjgZc70f74ZCbvuyjYbdgTJaYUwzZdNMxhDWE5jJ70aiv07ThgudbnfJGwhgwINsrfdjE1QUO4PtrrZMBOHqTRJUPvOx56SM2498c49%2BGY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80aa0e57185f021d-ZRH
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80aa0e554f701c87-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80aa0e554f731c87-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
pbjs
htlb.casalemedia.com/openrtb/ 		39 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4bd6ae5814a2859215a7b102a29a740c2220dd2f8eb8d505f447a92d5a460e0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaVOMtzNRNiPiu8jtFV0ZIQPApSv2eOjGxmEWg%2BdRJfj7ai2LAPgZ42jGm0LXBLBghHenaN0U%2F5W1Lh0zvHZVGu0bOsfkwlfZKLnFrKxxHe3g0Zt%2F4n2L2WswY4NZe36Gfigwz%2F2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80aa0e552fbb233d-ZRH
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1e8ce003a96c02bf65b5ab4775b2ac0dd3cba0c5522fa9977f93ff952ea072b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEiwaXoiAZOtp2pykubZh2tLHQt48EbP4tCWgSouMZlXC4RMUlH59ZzyrTsyPdfRxkF1dwlMTg1oKRNnEy3OU7k9PSRk9lE4ePlGlhCxB8zvXMan4RYJ9L4YBw5BPjlIcfSRBUrZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80aa0e552fbc233d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1e8ce003a96c02bf65b5ab4775b2ac0dd3cba0c5522fa9977f93ff952ea072b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5u%2FUuuJ1%2FQp8Ap3TQHSE3P6bqVuaLYRN7AdN5PVKRZoHz9%2BepiGSuL5Q0h6o%2Fpp%2F3jiNmEtn6eTAjTcHyumWiHjVnVn4Hcb37VQh%2FPfGjJpkjlU22lUuo6S2Zx2zo1GUZtPZSoW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80aa0e552fbd233d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
hbjson
grid.bidswitch.net/ 		32 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.233.77 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-233-77.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
99a97fa27c0f057db31d471edf90dcd13b6f5d3b1c91956300586e4d117ad3b1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 22 Sep 2023 11:02:30 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
14568
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
71
content-length
3
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
auction
tlx.3lift.com/header/ 		19 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.66.153.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-153-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8704e4647391c5af022c0c31fa07d613382e186e30d079e379929293616eabbd

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 22 Sep 2023 11:02:29 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=94339510067&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 22 Sep 2023 11:02:29 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid-request
a.teads.tv/hb/ 		16 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 22 Sep 2023 11:02:30 GMT
prebidjs
rtb.openx.net/openrtbb/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
39cc4eba57da890791758a2531fff4fd01b2908375cce742b84be17a53406601

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 22 Sep 2023 11:02:29 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		250 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
aba7f85085a22a706c96c76b9e16b79599140558896f55b104d644fcd5782ecf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
an-x-request-uuid
06698b49-57a5-4278-8858-89f1be9793c3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
85.218.70.160; 85.218.70.160; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 22 Sep 2023 11:02:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
adreq
ads.servenobid.com/ 		981 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5964
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.251.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-251-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
d3e8bf5c0bc916787ad339d2879fb8459b55c8d8dfff94f02c08b693aaa850c9

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.130.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=b060550c-78fb-4d42-ae5a-c93f0b3dba25%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E5%A8%81%E5%8A%9B%E5%BD%A9%E8%A1%9D9.2%E5%84%84%EF%BC%816%E9%9D%A2%E7%9B%B8%E5%A4%A9%E7%94%9F%E5%B8%B6%E8%B2%A1%E4%B8%AD%E7%8D%8E%E6%A9%9F%E7%8E%87%E6%9C%80%E9%AB%98&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=f4fa2004-b783-4357-9431-9314057e2742%3B936e2231-b22a-409a-81a7-bb71b7607423&l_pb_bid_id=7305fd4e9f5e806%3B74a6aee6d51cd4a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f4fa2004-b783-4357-9431-9314057e2742%3B936e2231-b22a-409a-81a7-bb71b7607423&rp_maxbids=1&slots=2&rand=0.07880037248851202
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dfacfbc1cb0eb3ba78bfc6d64cea38c2184bdf6010b1ae119439f9f018e2e501

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
613 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2904
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icir1FaKFP82LPO7pe20aOyyRKcdXWmMAv5WVxmeHHatBajEvVFA9LG8z9IaaFgwyq7cUeCZ0j0C7zOPqIGfPYQCgr333pUL%2BOi93Ud6QeXH1wwC51s3naDhKP%2FdB53Nuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
80aa0e548d4e1c7d-AMS
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
2d9ed895abda948947bcd6f9daabe355957327517f8742114ca30772a42ccc3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 11:02:30 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
impress
ad.vidverto.io/delivery/ 		52 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&referrer=&async=1&uid=8190071134&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
428930022991b869ad0359d6c93e26c0a3752ef566c65f72c4e4beb3ad404378

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 22 Sep 2023 11:02:29 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.683452049069333&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=12261&lti=deflated&ri=67503558a8de508bd84389d9d528d878&sd=v2_bb55dd1aa7552356804345cee151ec62_e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5_1695380549_1695380549_CNawjgYQ2YJdGIfbuOSrMSABKAEwKziy0A1AzYgQSI6a2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&pi=/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&wi=-3736247662337270422&pt=text&vi=1695380548999&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1414%7D%22%2C%22eventTime%22%3A1695380549879%7D&tim=13%3A02%3A29.879&id=3436&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
next-up-widget.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3aae006893b2b4e15dc8d1a4deab2f6defa6430dd2981008ce790ad18a53df05

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zZcKTW2Xzt6MSnUGXxDta6ZXrMZ11mJk
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:29 GMT
x-amz-request-id
70W3B593RPFNVGJ3
age
59751
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4624
x-amz-id-2
DV5bSP65qM30al4uqDWk82y+/gJV4XMrHGDSg0IB3ooIEwz66o17++uy8RpaaGkWYGdiKQxwHkg=
x-served-by
cache-ams21043-AMS
last-modified
Thu, 21 Sep 2023 18:26:39 GMT
server
AmazonS3
x-timer
S1695380550.921777,VS0,VE0
etag
"ff53a98eeb20e5a889c23228db5ade08"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2297
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=12261&lti=deflated&ri=67503558a8de508bd84389d9d528d878&sd=v2_bb55dd1aa7552356804345cee151ec62_e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5_1695380549_1695380549_CNawjgYQ2YJdGIfbuOSrMSABKAEwKziy0A1AzYgQSI6a2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&pi=/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&wi=-3736247662337270422&pt=text&vi=1695380548999&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22304.0625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A02%3A29.905&id=3711&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A29.917&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=4230&cv=20230920-27-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67249
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 10:08:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 22 Sep 2023 11:02:30 GMT
spa-detector.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b06d2520237ab14e555455ec9da0066deed1e43cc53ba14492e1682244d46baa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XLPTFxdI1EfHSnDVmzoYpcspWJwGp7qU
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:29 GMT
x-amz-request-id
07D094XX3FPY16Q3
age
59745
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
1xM+W2tqXPJHFVCaLfrAL1fwvoJM2rLBHEwoBw1joGpOE9RkQS4xAmE5byk69GLWzRX4IoUBrDk=
x-served-by
cache-ams21043-AMS
last-modified
Thu, 21 Sep 2023 18:26:45 GMT
server
AmazonS3
x-timer
S1695380550.948114,VS0,VE0
etag
"6d625fcb9ebda27aa41361d5906c4b1f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
16
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9965
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=12261&lti=deflated&ri=67503558a8de508bd84389d9d528d878&sd=v2_bb55dd1aa7552356804345cee151ec62_e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5_1695380549_1695380549_CNawjgYQ2YJdGIfbuOSrMSABKAEwKziy0A1AzYgQSI6a2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&pi=/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&wi=-3736247662337270422&pt=text&vi=1695380548999&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A02%3A29.918&id=5186&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=12261&lti=deflated&ri=67503558a8de508bd84389d9d528d878&sd=v2_bb55dd1aa7552356804345cee151ec62_e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5_1695380549_1695380549_CNawjgYQ2YJdGIfbuOSrMSABKAEwKziy0A1AzYgQSI6a2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&pi=/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&wi=-3736247662337270422&pt=text&vi=1695380548999&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1695380549923%7D&tim=13%3A02%3A29.923&id=6202&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=12261&lti=deflated&ri=67503558a8de508bd84389d9d528d878&sd=v2_bb55dd1aa7552356804345cee151ec62_e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5_1695380549_1695380549_CNawjgYQ2YJdGIfbuOSrMSABKAEwKziy0A1AzYgQSI6a2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&pi=/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&wi=-3736247662337270422&pt=text&vi=1695380548999&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A02%3A29.925&id=7053&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=12611&tvi50=12261&lti=deflated&ri=67503558a8de508bd84389d9d528d878&sd=v2_bb55dd1aa7552356804345cee151ec62_e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5_1695380549_1695380549_CNawjgYQ2YJdGIfbuOSrMSABKAEwKziy0A1AzYgQSI6a2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&pi=/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&wi=-3736247662337270422&pt=text&vi=1695380548999&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1695380549927%7D&tim=13%3A02%3A29.927&id=7460&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
onetag-sys.com/usync/ Frame DF6B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
a43670cdec4965a99a53a7c46b110280b6c849ace27e5eba55080624b9b6bf4d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1437
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
sffe /
Resource Hash
c0fc6b0311c6ce151569fee1d73bcfeacb5b743650d6d0349aeb35150480a000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125690
x-xss-protection
0
expires
Fri, 22 Sep 2023 11:02:30 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 22 Sep 2023 12:02:30 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 17:10:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6442c381-edf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 22 Sep 2023 12:02:30 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=8a6ba3d3ebe29c4e894807ea956e9bd6
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d4ffa36c3282ba25a2b7c2058b40b7d87ba192fe76a70cede2b1f3435b37ef1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 11:04:56 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65019758-15fed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 22 Sep 2023 12:02:30 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 22 Sep 2023 12:02:30 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		284 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 11:42:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fefd1c-47038"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 22 Sep 2023 12:02:30 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3Df5d4492b-89e6-47f5-972d-deb5ce48bbb2%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=f5d4492b-89e6-47f5-972d-deb5ce48bbb2&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=f5d4492b-89e6-47f5-972d-deb5ce48bbb2&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=f5d4492b-89e6-47f5-972d-deb5ce48bbb2&p_id=23
date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=f5d4492b-89e6-47f5-972d-deb5ce48bbb2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=f5d4492b-89e6-47f5-972d-deb5ce48bbb2&gdpr=0&gdpr_consent=
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-v1QDExtPj0-svn5TKk7Dr5OWa2q6WuzpHqoNCA&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=ff8274a0-150a-40f3-8007-83e33490fdf2&p_id=15
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=ff8274a0-150a-40f3-8007-83e33490fdf2&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Server
185.180.223.221 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-221.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=ff8274a0-150a-40f3-8007-83e33490fdf2&p_id=15
date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Fri, 29 Sep 2023 11:02:30 GMT
6ebdc430303496d2574942e421c53e11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6ebdc430303496d2574942e421c53e11.png
age
3017167
edge-cache-tag
356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
356686445197087509435470419559440289029,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
35
req-referer
https://kifache.com/%D8%AC%D8%A7%D8%A6%D8%B2%D8%A9-%D8%A3%D9%81%D8%B6%D9%84-%D8%AD%D8%A7%D8%B1%D8%B3-%D9%85%D8%B1%D9%85%D9%89-%D9%81%D9%8A-%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85-%D9%8A%D8%A7%D8%B3%D9%8A%D9%86-%D8%A8/
content-length
8250
x-request-id
a9345f3c6a017abfd5fd26145d40a354
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200023-IAD, cache-iad-kjyo7100108-IAD, cache-sna10735-LGB, cache-iad-kiad7000124-IAD, cache-ams21043-AMS
last-modified
Thu, 10 Aug 2023 11:47:17 GMT
server
nginx
x-timer
S1695380550.106029,VS0,VE1
etag
"0f290e0e1bf2b6824ad4b0ee1e205321"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 13, 1
9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c576fdfe5a6c400ea517402141cf357eb3c0b9ec3bec05a0a2ac8e0d1993ca1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9cc7eaf84d81d0a5a57cf79b8cf401f1.jpg
age
3380846
edge-cache-tag
565218022308872277084972768976654244803,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
565218022308872277084972768976654244803,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
105
expiration
expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://movie.douban.com/review/15357403/
content-length
7238
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100041-IAD, cache-iad-kcgs7200152-IAD, cache-chi-klot8100163-CHI, cache-iad-kiad7000027-IAD, cache-ams21043-AMS
last-modified
Sun, 16 Jul 2023 02:31:11 GMT
server
nginx
x-timer
S1695380550.131953,VS0,VE1
etag
"61a2263875f5f97c4f2474c0edbfe0ae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 737, 1
49a65433a0e00aa6375452e026770fa8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a65433a0e00aa6375452e026770fa8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
50b2a016aede5e030b851da8107c200231aa5a6cc0fd3424cd8491ade7d4f9c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/49a65433a0e00aa6375452e026770fa8.jpg
age
2212195
edge-cache-tag
301222070070333916538293516185212795574,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
301222070070333916538293516185212795574,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
80
req-referer
https://www.chineseinla.com/
content-length
5780
x-request-id
71c6c571fbb91ed0790d0e93cf592b73
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000145-IAD, cache-iad-kjyo7100172-IAD, cache-iad-kiad7000049-IAD, cache-ams21043-AMS
last-modified
Wed, 23 Aug 2023 13:41:20 GMT
server
nginx
x-timer
S1695380550.131897,VS0,VE1
etag
"f583f24db33717ce16c0ece7cf3c5c47"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 21, 1
img
sync.mathtag.com/sync/ Frame DF6B 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x15 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 11:02:30 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x15 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 22 Sep 2023 11:02:29 GMT
/
onetag-sys.com/match/ Frame DF6B
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LMUHT0ZK-21-IWAD&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LMUHT0ZK-21-IWAD&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LMUHT0ZK-21-IWAD&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
/
onetag-sys.com/match/ Frame DF6B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%24UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5249776766648800446
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5249776766648800446
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
an-x-request-uuid
67b81c48-cfd6-40d0-a984-2326e00158db
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=5249776766648800446
x-proxy-origin
85.218.70.160; 85.218.70.160; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame DF6B
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=94c5c95aa1636b5f23071f9a4f39010&gdpr_consent=&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=94c5c95aa1636b5f23071f9a4f39010&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 11:02:30 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=94c5c95aa1636b5f23071f9a4f39010&gdpr_consent=&gdpr=0
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695380550434003-383
Expires
Fri, 22 Sep 2023 11:02:30 GMT
tap.php
pixel.rubiconproject.com/ Frame DF6B 		42 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=XxcILVs5nxfjoc5qhO4ztnylW-u6ZZfIkxh5c94nKOg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame DF6B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiryOMmmFDojAcC87-3dW2MfurL8G2HLIng
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiryOMmmFDojAcC87-3dW2MfurL8G2HLIng
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABiryOMmmFDojAcC87-3dW2MfurL8G2HLIng
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame DF6B
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=8624674787662534251
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=8624674787662534251
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=8624674787662534251
date
Fri, 22 Sep 2023 11:02:30 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame DF6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame DF6B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iMZTQ9yKvY6bqMgz0PtdWq2BIwWDaklcDLCGJIVQVK4
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iMZTQ9yKvY6bqMgz0PtdWq2BIwWDaklcDLCGJIVQVK4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 11:02:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
40YCXF2M54DQ5SGQ1GR7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=iMZTQ9yKvY6bqMgz0PtdWq2BIwWDaklcDLCGJIVQVK4
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame DF6B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0UyMEZFMTEtNTMzOS00MkZGLTg1MkQtRDFBREFCNTVFNzAz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=3E20FE11-5339-42FF-852D-D1ADAB55E703
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=3E20FE11-5339-42FF-852D-D1ADAB55E703
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=3E20FE11-5339-42FF-852D-D1ADAB55E703
date
Fri, 22 Sep 2023 11:02:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame DF6B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFS_NiRI5IU3qeeAC6zVXiQ&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFS_NiRI5IU3qeeAC6zVXiQ&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEFS_NiRI5IU3qeeAC6zVXiQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame DF6B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-24DwbuZE2uEEVLhD_rTkiij9CjiNz0d6rZUMFFc-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-24DwbuZE2uEEVLhD_rTkiij9CjiNz0d6rZUMFFc-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-24DwbuZE2uEEVLhD_rTkiij9CjiNz0d6rZUMFFc-~A
date
Fri, 22 Sep 2023 11:02:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame DF6B 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame DF6B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=onetag&gdpr=0&gdpr_consent=
date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ad.mox.tv/delivery/v2/ Frame DF6B
Redirect Chain
  • https://ad.mox.tv/delivery/sync?userid=XxcILVs5nxfjoc5qhO4ztnylW-u6ZZfIkxh5c94nKOg&p_id=5
  • https://ad.mox.tv/delivery/v2/sync?userid=XxcILVs5nxfjoc5qhO4ztnylW-u6ZZfIkxh5c94nKOg&p_id=5
0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/v2/sync?userid=XxcILVs5nxfjoc5qhO4ztnylW-u6ZZfIkxh5c94nKOg&p_id=5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.mox.tv/delivery/v2/sync?userid=XxcILVs5nxfjoc5qhO4ztnylW-u6ZZfIkxh5c94nKOg&p_id=5
date
Fri, 22 Sep 2023 11:02:30 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
194
content-type
text/html
st
imprammp.taboola.com/ Frame 1D87 		422 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&cmcv=&pix=undefined&cb=1695380550225&uv=3342&tms=1695380550225&abt=adxtrshold1-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=7fec6fa1-9397-480f-a0a6-fff404402703&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2351470f809103f89a0aacf2fc9b308ec31029c1d4095b5392fd5f166a11776b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 22 Sep 2023 11:02:30 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ams21043-AMS
x-timer
S1695380550.261895,VS0,VE3
sync
am-match.taboola.com/ Frame 8E76 		577 B
663 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
3a33e1d86e1825e97e5ae914b6b103d29e6ad5e7b816d0366fe105f20b17917f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 22 Sep 2023 11:02:30 GMT
machineid
3406
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
781 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1695380550232&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1555&pt=-437115361&tz=120&viewable=true&ddast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vC!nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ddbeab2687daccf77f6ca6803f852b1fe9f906a65289af736e49ae9e2a39f85

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1432
x-cache
MISS
x-served-by
cache-ams21043-AMS
pragma
no-cache
server
nginx
x-timer
S1695380550.263426,VS0,VE54
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&cmcv=&pix=31589837&cb=1695380550225&uv=3342&tms=1695380550225&abt=adxtrshold1-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1695380546403.6!ts:1695380550224&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 1D87 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&cmcv=&pix=undefined&cb=1695380550225&uv=3342&tms=1695380550225&abt=adxtrshold1-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=7fec6fa1-9397-480f-a0a6-fff404402703&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 1D87 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&cmcv=&pix=undefined&cb=1695380550225&uv=3342&tms=1695380550225&abt=adxtrshold1-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=7fec6fa1-9397-480f-a0a6-fff404402703&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.246.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-246-120.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 1D87 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&cmcv=&pix=undefined&cb=1695380550225&uv=3342&tms=1695380550225&abt=adxtrshold1-out_vC!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=7fec6fa1-9397-480f-a0a6-fff404402703&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.148.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-148-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_4_2/infra/ 		881 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_2/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
12f671dc70e03fd34ff707eee40017714886632aeae47cd8e581517e79caaf9b

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1695210483
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
6HT4PR45BR06WGQA
age
169923
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1695210483
x-amz-meta-mode
33188
content-length
147012
x-amz-id-2
L0gfrGoz89dO/mtwhpay/beeJd0gHAttRPRaCxEKbRQtwxLYtlcVd9fgrk8aj2ZKjf4c1lYxyK0=
x-served-by
cache-ams21053-AMS
last-modified
Wed, 20 Sep 2023 11:48:04 GMT
server
AmazonS3-br
x-timer
S1695380550.398799,VS0,VE0
etag
"76607e75a1d8a4ef30e4276227b9084c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
9103
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_2/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_2/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1695210501
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
SPR8S38GXKSFACDW
age
169928
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1695210502
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
saOXDfAioAlslsUCLxOzEFC6+KVsHF/ITSQyzp72zwE76q6fe56Rk/Tst0h9nwwu/PxlH3HJzs4=
x-served-by
cache-ams21043-AMS
last-modified
Wed, 20 Sep 2023 11:48:23 GMT
server
AmazonS3-br
x-timer
S1695380550.398692,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
33727
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1DA4 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
57d3d92276c9c203085246478f507bec97cc4df3a57a90b28b824a84c568d6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7885
x-xss-protection
0
server
cafe
etag
8655834080674441076
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:30 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8E76 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 8E76
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-olSEoiRE2oTAfa53XCEWNtOv2WRmCDTTQ6.rzQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-olSEoiRE2oTAfa53XCEWNtOv2WRmCDTTQ6.rzQ--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31208

Redirect headers

date
Fri, 22 Sep 2023 11:02:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-olSEoiRE2oTAfa53XCEWNtOv2WRmCDTTQ6.rzQ--~A
content-length
0
usync.html
eus.rubiconproject.com/ Frame 327D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Sep 2023 11:02:30 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame FB64 		714 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
4561
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
80aa0e58bbfd1c7d-AMS
content-encoding
br
content-type
text/html
date
Fri, 22 Sep 2023 11:02:30 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qovsolafwe1Tc0Yt8iILn4n97PfFR2t4Pqktbf53QryJYUIn3lQrohB6BORtNFIWtrM51NaLWWGU6ADg7saSzHuOUGj%2F%2BhTv9GL1%2FkMGrRVD2RPBEmEzAgUWaJPAAxZlFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9029
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Sep 2023 11:02:30 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 22 Sep 2023 11:02:30 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/b70908e9-76aa-3428-ad37-ff692c54945e?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-cLyhUNxE2oXEzWmin0jgkzpVzDGWwtwcaVi4CQM-~A&redirect=
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-cLyhUNxE2oXEzWmin0jgkzpVzDGWwtwcaVi4CQM-~A&redirect=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
HTTP/1.1
Server
192.96.203.13 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 11:02:31 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

date
Fri, 22 Sep 2023 11:02:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-cLyhUNxE2oXEzWmin0jgkzpVzDGWwtwcaVi4CQM-~A&redirect=
content-length
0
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_2/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
AMS1-C1
age
1301055
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-ams21043-AMS
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1695380551.712118,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
A6eSXa8mzm8pvy_g4qU43SWxHhg7-JxFo9dy2qx0Z0FOI9MVcvzpjQ==
x-cache-hits
37073
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/ 		450 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_2/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
fd67efe8aac70390a024a95f8fe3355d692a22c846e65d55e82a8aa4014843f0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1695027665
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
QYGBVB1AEKHXCR3T
age
352814
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1695027679
x-amz-meta-mode
33188
content-length
86683
x-amz-id-2
sg2Cz/kOTK9gAPP646LQCd1Je2PJho+WotdALgEPQ6UeU0mYDB0x9xefDxx8YEXY5Pwkn2Fm00k=
x-served-by
cache-ams21053-AMS
last-modified
Mon, 18 Sep 2023 09:01:20 GMT
server
AmazonS3-br
x-timer
S1695380551.755325,VS0,VE0
etag
"05df47b8e9f435ec4a08485c8e397651"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
85270
sync
am-match.taboola.com/ Frame C95B 		439 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_2/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ee5981d8cb3c6aa24b24b6f12f6dcda2e21510c54a56dbdf890f71109fe555fa

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 22 Sep 2023 11:02:30 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&cmcv=&pix=31579697&cb=1695380550752&uv=3342&tms=1695380550752&su=3&abt=adxtrshold1-out_vC!nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-length
0
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FB64 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
4b3875cd21da5664b4683ab06d45bb2343fb9d29c44d43d1e6a9173ed4be538c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29332
x-xss-protection
0
server
cafe
etag
671 / 19622 / 31078075 / config-hash: 17275398374163876192
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:30 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS93ZWktbGktY2FpLWNob25nLTktMnlpLTZtaWFuLXhpYW5nLXRpYW4tc2hlbmctZGFpLWNhaS16aG9uZy1qaWFuZy1qaS1sdS16dWktZ2FvLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04ZTI5ODgzMy1hNGFiLTQxY2YtYTdkOS03MDcwOGMyNzJkMzIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNzZmMWI0YmYtMWMyNS00M2I4LWJmNzktOGRmYWI0NDY3ZGI2IiwidGltZU9mQXVjdGlvbiI6MTY5NTM4MDU0OTc3MSwiYmlkcyI6W3siY3BtIjowLjAzLCJhZElkIjoiNzY0OWRkYTBhMDdmODkiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDU0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTM4MDU1MDIzNn0seyJjcG0iOjAuMDM2MzM3NSwiYWRJZCI6IjgwMDQ5MTMyYzdkNGUzMiIsIm9yaWdpbmFsQ3BtIjowLjA0Mjc1LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMzYzMzc1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo2MjMsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk1MzgwNTUwNDEzfSx7ImNwbSI6MC4wMSwiYWRJZCI6IjgyODIyOWE5YjA2YzZhNyIsIm9yaWdpbmFsQ3BtIjowLjAxLCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6OTkwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTM4MDU1MDgwNn1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhZGxpdmV0ZWNoIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI4MDA0OTEzMmM3ZDRlMzIiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDM2MzM3NX0seyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJwbGFjZW1lbnQiOjEsInJlZnJlc2hDb3VudCI6MCwicHJlYmlkQXVjdGlvbklkIjoiNzZmMWI0YmYtMWMyNS00M2I4LWJmNzktOGRmYWI0NDY3ZGI2IiwidGltZU9mQXVjdGlvbiI6MTY5NTM4MDU0OTc3MSwiYmlkcyI6W3siY3BtIjowLjAxMywiYWRJZCI6Ijc1MmJhNmY1NmQ3OTNkOSIsIm9yaWdpbmFsQ3BtIjowLjAxMywiYmlkZGVyIjoib3BlbngiLCJyZXZlbnVlIjowLjAwMDAxMywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6Mzk1LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTM4MDU1MDIwMH0seyJjcG0iOjAuMDMsImFkSWQiOiI3NzY0ZTkzMjBkMjRhZGQiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDU1LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTM4MDU1MDIzN30seyJjcG0iOjAuMDMsImFkSWQiOiI3OGU5MWVmYjg4NTRmZjQiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6NDU1LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NTM4MDU1MDIzN30seyJjcG0iOjAuMDI3MDA0NSwiYWRJZCI6Ijc5YzM3NDA4MDVlMGVjZSIsIm9yaWdpbmFsQ3BtIjowLjAzMTc3LCJiaWRkZXIiOiJhZGxpdmV0ZWNoIiwicmV2ZW51ZSI6MC4wMDAwMjcwMDQ1MDAwMDAwMDAwMDIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjYyMywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTUzODA1NTA0MTN9LHsiY3BtIjowLjAxLCJhZElkIjoiODEzYzVhNzMxZjViODYiLCJvcmlnaW5hbENwbSI6MC4wMSwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjk4OSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTUzODA1NTA4MDV9XSwidGltZWRPdXRCaWRkZXJzIjpbXSwicmVxdWVzdGVkRm9ybWF0cyI6WyJkaXNwbGF5IiwidmlkZW8iLCJuYXRpdmUiXSwicHJlYmlkV2lubmVyIjoiaXgiLCJwcmViaWRXaW5uZXJBZFVuaXRJZCI6Ijc3NjRlOTMyMGQyNGFkZCIsInByZWJpZFdpbm5lckNwbSI6MC4wMDAwMjk5OTk5OTk5OTk5OTk5OTd9XSwiY291bnRyeSI6IkNIIn0%3D&c_b=4409.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 6750d77433312fa1bf305e9ae7af80ae.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
AMS1-P1
age
1415302
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-ams21043-AMS
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1695380551.846188,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
aMbbnOmg1VE3Pr2yFaiHpIZhHxo3sETSuv1N7hdOiyVEbEUpcsOAdA==
x-cache-hits
69844
usync.js
eus.rubiconproject.com/ Frame 327D 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c2f9311522f3953763a4e8f71eaedc1e2c599ca4db6f3342f12ce5766ad60d0a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 11:02:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Sep 2023 07:06:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72182
Connection
keep-alive
Content-Length
10515
Expires
Sat, 23 Sep 2023 07:05:32 GMT
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=-2&tvi48=12611&tvi50=12261&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
80
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
62249
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-ams21043-AMS
pragma
no-cache
server
nginx
x-timer
S1695380551.866065,VS0,VE80
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame 9029 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c2f9311522f3953763a4e8f71eaedc1e2c599ca4db6f3342f12ce5766ad60d0a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 11:02:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Sep 2023 07:06:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72182
Connection
keep-alive
Content-Length
10515
Expires
Sat, 23 Sep 2023 07:05:32 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		117 KB
40 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2441781182541192&correlator=2996200877366347&eid=31078025&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&arp=1&abxe=1&dt=1695380550851&lmt=1695373350&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&psts=AOrYGsmyBBpb1vYGNvoVF1HCykP1I0-CA-17EhBKUHD7VxVP&ga_vid=1067824878.1695380549&ga_sid=1695380549&ga_hid=1180631796&ga_fc=true&dlt=1695380548467&idt=755&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_4_0%26cluster_reporting%3Dchrome_DESKTOP_4_1_active_0%26refresh27Split%3Drefresh_experiment_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D7764e9320d24add%26hb_ap_bidder%3Dix%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv6_c&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
441573cb088293510a1bd183ddafdd435694c32b2550ea2c88933147c08598eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41276
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2441781182541192&correlator=2996200877366347&eid=31078025&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&arp=1&abxe=1&dt=1695380550855&lmt=1695373350&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AOrYGsmyBBpb1vYGNvoVF1HCykP1I0-CA-17EhBKUHD7VxVP&ga_vid=1067824878.1695380549&ga_sid=1695380549&ga_hid=1180631796&ga_fc=true&dlt=1695380548467&idt=755&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_4_0%26cluster_reporting%3Dchrome_DESKTOP_4_1_active_0%26ap_refresh_type%3DAV_3%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D80049132c7d4e32%26hb_ap_bidder%3Dadlivetech%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26faid%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv6_c&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
7b5a1a6db7d4be4fe67f72bf82124979d1d83694efa94e453d66e794e2d5aa91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14119
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
L2Evd2VpLWxpLWNhaS1jaG9uZy05LTJ5aS02bWlhbi14aWFuZy10aWFuLXNoZW5nLWRhaS1jYWktemhvbmctamlhbmctamktbHUtenVpLWdhby5odG1s.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2Evd2VpLWxpLWNhaS1jaG9uZy05LTJ5aS02bWlhbi14aWFuZy10aWFuLXNoZW5nLWRhaS1jYWktemhvbmctamlhbmctamktbHUtenVpLWdhby5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 21 Sep 2024 11:02:31 GMT
date
Fri, 22 Sep 2023 11:02:55 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:42:24 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1208
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
JP8XZ-ZcFt4brjgD6PJprF5nrTEW-OIrrmZU_shA-SKvNHSrSQUTKQ==
generic
match.adsrvr.org/track/cmf/ Frame C95B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame C95B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-olSEoiRE2oTAfa53XCEWNtOv2WRmCDTTQ6.rzQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-olSEoiRE2oTAfa53XCEWNtOv2WRmCDTTQ6.rzQ--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32645

Redirect headers

date
Fri, 22 Sep 2023 11:02:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-olSEoiRE2oTAfa53XCEWNtOv2WRmCDTTQ6.rzQ--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame C95B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
prebid-request
onetag-sys.com/ 		15 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
879efe3f22db43726a25633d96a23721b40c2a9b567db2a330ab6f6076f7e114

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:30 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 22 Sep 2023 11:02:30 GMT
via
1.1 varnish
x-amz-request-id
ZFRPC3PFTHSKWAJC
age
27625
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
I3ik5JowKcfEGbtrriHouz1flL96hfvN+S8YuupPMlmly2fde9Exqqba1OwCj7qV+igbuNUsCvE=
x-served-by
cache-ams21043-AMS
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1695380551.959123,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
71
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2899
khaos.json
token.rubiconproject.com/ Frame 327D 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
khaos.json
token.rubiconproject.com/ Frame 9029 		7 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/ Frame FB64 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078075
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
34ec03e16ba423f27b2db224a2d1ae09f27c349fb245c1407ac87808ccbe5679
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 13:57:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
75902
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131874
x-xss-protection
0
server
cafe
etag
11000565836845060056
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 20 Sep 2024 13:57:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1DA4 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
0f62ca6a2ea203224411557d635e4d43fa71ad6f5636bf8dedd82c78b8075f2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50723
x-xss-protection
0
server
cafe
etag
4509762991513306188
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:31 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame FB64 		499 B
339 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=917026010943858&correlator=2287434694849717&eid=31078075&output=ldjh&gdfp_req=1&vrg=202309200101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1695380551120&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=nm1zzr7gjwuf&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qPCj-JRZir2coE-ZHS4CFTX41VlCiVW-V2RbvHLpDYkVAFmVOlLZEKGYcNl6mf9oDDRVXTk8MuzTNjtduU7RtPxAT4i9bXHvFiIeWlN81szFh9nrEKN8blOts5fEbkKdidNGmn_xtnjbV4MX_DbLRO5dDO0GjxQ-GRDKcZgk7eGt7uaLaW0t0Mz-Q&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1908647507.1695380551&ga_sid=1695380551&ga_hid=1222523871&ga_fc=false&dlt=1695380550803&idt=286&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
cca08fd9e75288985ae5019b20719865bba5592cd8c8964d42e1571127290e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FB64 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309200101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
adb116c7fddef9ad1e4b6818f323d56779020cfa3a1e7cd40c8a087700c83e07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12034
x-xss-protection
0
container.html
58a00f8f0c05ef60e3a97be97db1b7a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC83 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://58a00f8f0c05ef60e3a97be97db1b7a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 11:02:31 GMT
expires
Sat, 21 Sep 2024 11:02:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ Frame 1DA4 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
d8ebe6e1096dc0cdbc5f6d48e4eabcef8564714f3223a97550b17b2b1a641a20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131532
x-xss-protection
0
server
cafe
etag
6055687374974596884
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame AD42 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
14605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 06:59:06 GMT
etag
2603938475786422795
expires
Fri, 06 Oct 2023 06:59:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
idsync
sync.aralego.com/ Frame 9029
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LMUHT0YQ-14-JN4K
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMUHT0YQ-14-JN4K
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMUHT0YQ-14-JN4K
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
HTTP/1.1
Server
192.96.203.13 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 11:02:31 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LMUHT0YQ-14-JN4K
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 22 Sep 2023 12:02:31 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.591.2_en.html
imasdk.googleapis.com/js/core/ Frame 96B3 		723 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
sffe /
Resource Hash
80b9b7bcb98fcb97f7c595b97e92a34db3cc45f07ba183e0711c7c06b8082d83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
42397
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236868
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 23:15:54 GMT
expires
Fri, 20 Sep 2024 23:15:54 GMT
last-modified
Thu, 21 Sep 2023 23:07:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Sep 2023 11:02:31 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 44D9 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 22 Sep 2023 11:28:46 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=kSjFyL4Wo4eOdAIZbpjQANeWm%2FfPe2SRPmHKclanQV6H84Vi2HAmMNMUKRs9WtocN5DElib2bxDUpN21tCDkl9moNMZjC3yK3ob4znVl4fcFYojvzboOxLp1S4mPvmpFbUtR9amr%2BsyLMZudweecIh%2FTDCYVrOdRfoocCvNjRxz1H3urA7MeqrrpUM%2BT8zJKBBDqKbFMCB1CiWazvSmVIdSK5ZTvu2UMOiHz9h13hWYcZCT30VB4R42MGDqc24CMWkt01LKFsMRGwHchBir2lRtp5cEA2uQbkt62v4lT4SdKnh%2Fu0ZvbF05s%2FXxZRjpOpSssQZs0M2%2FUF%2BciqQKiA1NdJ%2Bx%2BZveZRYB5oxyoe3HtQKJw4Eg%2BtyMi82fkZtcx2qrHotn%2BvCQS7%2Bpk1gXwjStcZXVQ4ujGKnA0dDh1MCIHcqLk5LcO1qQZ1htIidSQtI9PgEErq3HcnId%2Bj309Yt63rtOQw6YKuf9de8GfdafP6rLBq3XtMGj%2F1nVJChrPrtLwrjkJRA%2FgCf0P4cJbXOoUjrdXpE146NgCWSd40NAUkaaBCTlGsOV4Rz5EPDq3
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/ 		92 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Haarlem, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 22 Sep 2023 11:02:31 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
js
www.googletagmanager.com/gtag/ 		268 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fa47cc46702c97e270b16594a5fc0bc23bb79352ce0a97796ce15a108961381c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91373
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 22 Sep 2023 11:02:31 GMT
container.html
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 54A9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 11:02:29 GMT
expires
Sat, 21 Sep 2024 11:02:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.146.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-146-48.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
script.js
d2q8xv8xf7whrd.cloudfront.net/ Frame 88B8 		127 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2q8xv8xf7whrd.cloudfront.net/script.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.200 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-200.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37f70cfdf7a45be04857c8599a23fe4cd3999480a39c28e774b39d7ebf9dcbcd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pS7sOvlKAybdGMeBdEoLR2Ak.DJdjyFv
content-encoding
gzip
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
date
Fri, 22 Sep 2023 11:02:01 GMT
last-modified
Fri, 22 Sep 2023 09:05:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
31
x-amz-server-side-encryption
AES256
etag
W/"cbdef0509df3b75399b7c5d0bd139708"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
CK0q7H1lsNTC5YVgfHT2vRxYr9kPoj6HxxKNApXLtDoKX401tMLHIw==
73bb8f5c-e61a-4414-a3db-18858d72e805
a1112.casalemedia.com/impression/v2/693656/85/ck6n8havcdgd87amdg3g/ Frame 88B8 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1112.casalemedia.com/impression/v2/693656/85/ck6n8havcdgd87amdg3g/73bb8f5c-e61a-4414-a3db-18858d72e805?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1695381150&profileIDs=&creativeID=18d3693&pubID=189372&format=banner&channel=site
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.43 , Netherlands, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 11:02:31 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88B8 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AYHymftmCODtb4Y_H0Pa_ixDwU85EsG_zT_XaoRe1hoIte1C2VY4d6-0XNENTFee3wXyCpBCjheCT1jouPRYMxPqz8daLDe8Av7eVbBp9SIbjQk_4
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88B8 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=159794977715089779&x=13&ct=77
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 88B8 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:31 GMT
r62eglto.js
ad4m.at/ Frame 88B8 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
327634
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8I%2BrUVK35nKlnjYtBQnbfEg6txlw8wa5tTtwXloLc7bRBQ7G9uu5uwm%2BnWuGljDd7ebzmcvUv70K61MRwMngIBwEU6PYQ3CVvrrbDZYbKeYJbyfcD2hjhX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
80aa0e610aa40b6e-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Sep 2023 16:30:21 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.146.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-146-48.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS93ZWktbGktY2FpLWNob25nLTktMnlpLTZtaWFuLXhpYW5nLXRpYW4tc2hlbmctZGFpLWNhaS16aG9uZy1qaWFuZy1qaS1sdS16dWktZ2FvLmh0bWwiLCJzaXRlRG9tYWluIjoiaHR0cHM6Ly9iZzMuY28vIiwicGxhdGZvcm0iOiJERVNLVE9QIiwicGFja2V0SWQiOiIwMDAwQTcwMS04ZTI5ODgzMy1hNGFiLTQxY2YtYTdkOS03MDcwOGMyNzJkMzIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJiaWRzIjpbeyJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDI5OTk5OTk5OTk5OTk5OTk3LCJyZXNwb25zZVRpbWUiOjQ1NSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiaXgiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5Nywid2lubmVyQWRVbml0SWQiOiI3NzY0ZTkzMjBkMjRhZGQiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIzMDB4MjUwIiwicHJlYmlkQXVjdGlvbklkIjoiNzZmMWI0YmYtMWMyNS00M2I4LWJmNzktOGRmYWI0NDY3ZGI2IiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4926.299999237061
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9029
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=U0QSC71sQLKHOYSm_yhgBw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=U0QSC71sQLKHOYSm_yhgBw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=U0QSC71sQLKHOYSm_yhgBw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 11:02:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MS7VC9AZX1QG0QCXA052
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=U0QSC71sQLKHOYSm_yhgBw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9029
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4MjcwMjAwN2YwNjk2MGRhMDI4ZGYzMGM5MWMzOWQ2NzhlMzdiNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4MjcwMjAwN2YwNjk2MGRhMDI4ZGYzMGM5MWMzOWQ2NzhlMzdiNQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc4MjcwMjAwN2YwNjk2MGRhMDI4ZGYzMGM5MWMzOWQ2NzhlMzdiNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 9029
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=odRW-ReFQtG0OKh5G2tdww&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=odRW-ReFQtG0OKh5G2tdww
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=odRW-ReFQtG0OKh5G2tdww
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 11:02:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ENTAZVWE4C0EGG8QCF8N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=odRW-ReFQtG0OKh5G2tdww
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 9029
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMUHT0YQ-14-JN4K
0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMUHT0YQ-14-JN4K
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 070015CC908A490C894491556F792E79 Ref B: AMS04EDGE3117 Ref C: 2023-09-22T11:02:32Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYF8IuS8bUtF6RrCEq9IA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMUHT0YQ-14-JN4K
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 9029 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 9029
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDc5uY-tDJncnrBCLx-_mAM&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDc5uY-tDJncnrBCLx-_mAM&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDc5uY-tDJncnrBCLx-_mAM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9029
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/T_ZUT7dJDnIYvU1tIuSNWcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2oH1vU1E2oL.Ae.6KvD5vN3f1QBffhDD238xPQ--~A
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2oH1vU1E2oL.Ae.6KvD5vN3f1QBffhDD238xPQ--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 22 Sep 2023 11:02:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-2oH1vU1E2oL.Ae.6KvD5vN3f1QBffhDD238xPQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9029
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1VSFQwWVEtMTQtSk40Sw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAmqa6Jxb_BmYElmbOQ2y9o&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1VSFQwWVEtMTQtSk40Sw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1VSFQwWVEtMTQtSk40Sw==&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1VSFQwWVEtMTQtSk40Sw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:17:50 GMT
x-content-type-options
nosniff
age
535481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 06:17:50 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:55:47 GMT
x-content-type-options
nosniff
age
540404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 04:55:47 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
2ab36c0d951b69d9c04f85f5eb613648.js
www.gstatic.com/mysidia/ Frame 54A9 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 09:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
352334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3933
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 09:10:18 GMT
cd233a70afb96cd167e1530303b3d74f.js
www.gstatic.com/mysidia/ Frame 54A9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cd233a70afb96cd167e1530303b3d74f.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
d0c95e145b8f28a0e8a62eb2017b95248f618344fd490af692098d82ff2d8757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 17:32:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14669
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 17:32:38 GMT
7aa689309bcd7b42dc3616d5eb539a0d.js
www.gstatic.com/mysidia/ Frame 54A9 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7aa689309bcd7b42dc3616d5eb539a0d.js?tag=exit_2019
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
467efe85f19395240c89559ed17661f02b1b662a54af39992bb8d58158b39a04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 20:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9353
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 20:53:40 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 54A9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite_fy2021.js
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 08:40:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
8507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 08:40:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 54A9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
2728
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 10:17:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 54A9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 08:40:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
8508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 08:40:44 GMT
l
www.google.com/ads/measurement/ Frame 54A9 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 54A9 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:32 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame 54A9 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 12:26:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 20:01:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 12:26:03 GMT
480_650.mp4
cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/ 		12 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Haarlem, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 22 Sep 2023 11:02:31 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
cookie.js
partner.googleadservices.com/gampad/ Frame 1DA4 		210 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
1b0436786cd669ccc7b4d71a084fc4c55af441fa98029b740579107ce2c9c6fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8BD6 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0fa22d2043fb135cc6a5d67dfdf67b67acdd0629c5540472297a426c231c2f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15701
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 11:02:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=200579278;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=200579278;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1655619481-1695380550865;pbc=b060550c-78fb-4d42-ae5a-c93f0b3dba25;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1695380551651;tzo=-120;ogl=;ses=5808eea0-eeac-4b10-b07f-6bf9569aa89c;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39k0&_p=1180631796&cid=1067824878.1695380549&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695380551&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=%E5%A8%81%E5%8A%9B%E5%BD%A9%E8%A1%9D9.2%E5%84%84%EF%BC%816%E9%9D%A2%E7%9B%B8%E5%A4%A9%E7%94%9F%E5%B8%B6%E8%B2%A1%20%E4%B8%AD%E7%8D%8E%E6%A9%9F%E7%8E%87%E6%9C%80%E9%AB%98%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8B5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 11:02:29 GMT
expires
Sat, 21 Sep 2024 11:02:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:31 GMT
x-amz-request-id
QGKR13PZZQJQBXVH
age
1022
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
1qtQVxWi/DHISGBHIO99deg4ePVGlY/71vCcXWbIc/jfDAWUGJ4XlnjrYRO633VuuJhSs6lOt9I=
x-served-by
cache-ams21043-AMS
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1695380552.752097,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
0
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1894
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Sep 2023 11:02:31 GMT
x-amz-request-id
VQM60MBKQFQCY8SS
age
27192
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
c0fAurhn9vBgbP8wnJn2qGbHXMl5w9VV2jDxhusPnM555o+lMkYVqeqQaj6/ZFBDYNqAhNcfUlc=
x-served-by
cache-ams21043-AMS
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1695380552.752083,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
85
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
12130
EYRHO5%2F3W%2ByidXcCW%2B%2F6%2F5gf9eEhSh7wTx1%2BO2Yg90YWPsitdFH9rO4KGvkBNMaRPuLWzGsdoB63en2std7lYKEuo61rgmxr5QapfqVfDctg3ZtUh4GI3ydIa3InxdUyGuCl%2F4IiW5d20OLp15KD0F5svxeNbsXeV29gp88afqj7Ly2%2BgA5te...
ad.vidverto.io/delivery/video/pod/ Frame 96B3 		46 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/EYRHO5%2F3W%2ByidXcCW%2B%2F6%2F5gf9eEhSh7wTx1%2BO2Yg90YWPsitdFH9rO4KGvkBNMaRPuLWzGsdoB63en2std7lYKEuo61rgmxr5QapfqVfDctg3ZtUh4GI3ydIa3InxdUyGuCl%2F4IiW5d20OLp15KD0F5svxeNbsXeV29gp88afqj7Ly2%2BgA5teItpIVH%2FzpOzR3FSdqpYfGMiEQJJLDUfVhHsss%2FSL%2F8ePCyjDHyFMYnLIoAAcRpv0iEoFg3DsoYYnTFWCnJFznqXAx7uJSW2gcvLk6i0aZ5fwV5Fi8vdiumSPvj8YcFaGh1eE3R2AB8BiSMZhIN8hEHOIOT4%2B3VlvFs10buAsyYPRMl%2B%2FYlFaTe71evhrAgtcsOybGRL2L%2FITaT8MwSwqJHbee8suwVpaelPW%2BIqlEFyqmbUJsT5N9QLP2lffiKptBcGJaSu5Ud6UZlEJOb0OcjDLzYy9DEZgQQeSWfUFOHTXMXkS7EqkHIuAJL7IL7Do9N4x1Vq0NTtZhATGHAzYm2kzAFAzwC7uULC%2FwJMBNH5tHUxsIq8o7HKhwNx0vcmlCF7BA4IYfsAF2M04W8yxvm%2BHNR%2FWj1WF%2Fs0ea2Bog6M%2BJKVHroY%2BEpyBBMQtiYLHJq69dr%2BvZyTES972NDJmJugvDI0z9Oj2rGSBbtqWom2lEIKX38BdvvefybHKisg9jz1cuuW15tGYE31L1nC86uXzS9coQC1WTNpan%2BNH%2FKDv3X89ti3R1CA4GQ%2FofT219NH4u4tS5e0n3YbiEnkTRCQDN8iSqx0oA%3D%3D?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c3a75ddaffebb6b66b0c8c333dd68271fe3edf86266d60f50f9d085b29c69005

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
480_650.mp4
cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/ 		232 KB
232 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Haarlem, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16973824-

Response headers

Date
Fri, 22 Sep 2023 11:02:31 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16973824-17211103/17211104
Connection
keep-alive
Content-Length
237280
pixel
googleads.g.doubleclick.net/xbbe/ Frame D61F 		478 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieqX6QEwAQ&v=APEucNXia023UenDB-gnliG3-VBukaWrRefeEaXAaHFUOmGaNUpiqWONbqSau7xhIz5Wek8KKBCkRzl8UdqE_R9BtuZ_e_FDfg
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 11:02:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F8B5 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8B5 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMvm7RsUonMDRWjeUuke6Yz8G-zUuFUIIe34xLBULuYvqrCdbwRbN2Qr_5iX9iofJMLEjtCJ1xjI9XVYD99Vr651WSnL6JSYWvX7O6J8bkPhiseWc
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8B5 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4034034850252764634&x=1&ct=77
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame F8B5 		0
0
dvtp_src.js
cdn.doubleverify.com/ Frame F8B5 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame F8B5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
2728
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 10:17:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame F8B5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 08:40:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
8508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 08:40:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F8B5 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:32 GMT
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-ams21053-AMS
date
Fri, 22 Sep 2023 11:02:31 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
csi
csi.gstatic.com/ Frame 96B3 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 96B3 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 96B3 		0
0
/
adx3.adform.net/adx/ Frame 96B3 		65 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/live/ Frame 96B3 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 96B3 		0
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame 96B3 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 96B3 		0
0
/
cds.taboola.com/ 		0
0
1a
i.clean.gg/ Frame 88B8 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 22 Sep 2023 11:02:32 GMT
server
nginx/1.21.6
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame D61F 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieqX6QEwAQ&v=APEucNXia023UenDB-gnliG3-VBukaWrRefeEaXAaHFUOmGaNUpiqWONbqSau7xhIz5Wek8KKBCkRzl8UdqE_R9BtuZ_e_FDfg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D61F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECZMdAPAshDj1NaxEinNN8&google_cver=1
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECZMdAPAshDj1NaxEinNN8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieqX6QEwAQ&v=APEucNXia023UenDB-gnliG3-VBukaWrRefeEaXAaHFUOmGaNUpiqWONbqSau7xhIz5Wek8KKBCkRzl8UdqE_R9BtuZ_e_FDfg
Protocol
H2
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxE1Osv74prvqATmpe6soZvJ4eh2yuc2c37cXOCIIU%2BsDWKjM4lX1RCdWwMYISHen8rcheCP6K0qgFGQhJgV336nUlRYPZEiC%2BZcDWeRon6OFSKK%2Fd2FZJodJ%2FZ20shL9%2B%2B63VaYWrZrUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80aa0e640e2e233d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECZMdAPAshDj1NaxEinNN8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D61F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQ10RwH-77UT8s5xuzaBIAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECZMdAPAshDj1NaxEinNN8&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECZMdAPAshDj1NaxEinNN8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYieqX6QEwAQ&v=APEucNXia023UenDB-gnliG3-VBukaWrRefeEaXAaHFUOmGaNUpiqWONbqSau7xhIz5Wek8KKBCkRzl8UdqE_R9BtuZ_e_FDfg
Protocol
H3
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0iVCdJYL0gfkBr8VWaHdu6Ys9pnz8QIK80kc%2BG9UZZj67LF0XfO3ZPKl7bmWeXeURHZj01L70Dvbn7zpInshCcsR9zASIXwN3WIfjxW8aLCK9VDx2R3FhoqPsJnPbxxT2EtfHzYyTFgFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80aa0e6a8fe72355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEECZMdAPAshDj1NaxEinNN8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 88B8 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:32 GMT
r62eglto.js
ad4m.at/ Frame 88B8 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
327635
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Syh3f2fvPYVfm9gqRYVmiFT0SXr8n4ZsfGzQEKpQ0CYVN3xmbM7xuWtngaoYgtjy4aFRfrO%2FP2whed906nIPCNWMIz%2FgTBNGqQGvF%2FOIYrV%2F5KzXS1je%2Flc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
80aa0e61fc3e0b6e-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Sep 2023 16:30:21 GMT
73bb8f5c-e61a-4414-a3db-18858d72e805
a1112.casalemedia.com/impression/v2/693656/85/ck6n8havcdgd87amdg3g/ Frame 88B8 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1112.casalemedia.com/impression/v2/693656/85/ck6n8havcdgd87amdg3g/73bb8f5c-e61a-4414-a3db-18858d72e805?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1695381150&profileIDs=&creativeID=18d3693&pubID=189372&format=banner&channel=site
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.43 , Netherlands, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 11:02:31 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88B8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AYHymftmCODtb4Y_H0Pa_ixDwU85EsG_zT_XaoRe1hoIte1C2VY4d6-0XNENTFee3wXyCpBCjheCT1jouPRYMxPqz8daLDe8Av7eVbBp9SIbjQk_4
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88B8 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=159794977715089779&x=13&ct=77
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 88B8 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8B5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1835539402113&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8B5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1835539402113&version=m202309120101&ct=77&x=1&cor=4034034850252764700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F8B5 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMHuI4EldRgICZGuiJR2iuVoFkKbAplZLbM0wuuV00-NXSgGUim8Px6OOjFbdqeLFnhJJDKjeu9y1IfPNKt87J5_nKqe1J-ya8ZusZvBakgAmaFXDvBEa19wt1OBUUxCAD99-xAJUr3Kr_OUO_A5I1bjXGhPJJ1vrvymVTDLXQ9717nx0&cry=1&dbm_d=AKAmf-Cicu4ZzLRKmv1dtHsX4bMI1NEnACs9yBFxSTgt38_pUBB_DVd0zbPjPoRYytZYSejcjmv1itv7tW3P0tH28qEg-Kzqj11rwC66k4zfh0e34L76DVmYoqEP-Hrk3SKYtnz8E3S7fGUIrQw0NEXBz5b3Pgvg28jMKJNlOOorC5wKWaNA-tWJXT3bFCxfgaQ0Dj_ZFSnQyIrlgBfJhsC5ceJDIFtPy5rvZMEvaM0e8CpwaB6yZ1Uyh8-vNtBvroEax8Qo_ebpvPIWsd_L7MzPJAzTGGplfsgpxhyWLguXd1SNnEfwK3udfwwdph5fVAMuAb8DGUf6SZq_vOLzB60TJCTAhfS00J7VFSHvXqCgSBkQvzD1SoqKsK8y9BQGwf2LKnKdbIsImiao6wcjLgmkBKZo62f3LHIkGtY46cYtaLa2SGiXk5H3HcPNf1UfcxfYOwPNxL6xe7ltVZwbsk-6EDZFlLjS_7Yt0CMuFZci0EbWznx7MJsjNDMEMCsvRZg5ht19kIl3D9fRueQTkxawvRV_w8xkEWmOprj4MWX-wZ-EsZtbJLOl9VEYfIVdiwuAFW919Oyyvrvyt6HtRAKXp9-AX2SbbzKOrAyEapsW_YVoC-rnIOMM0Lz1h9mYNqwRAqvaQg5R8wvT1Kqec91ucJSkSe9Mw5iMvDoY4ZbIY5LC5oSCefsSKoxpFlA2HaW2bV90os91Ds62kJbcLjg8v3TUrULWW7D2oCYElcrUxQKnHHM6EUPGzsspT2pJvkiYeHlEnUWEPI5XtczLVXkb42TLK09e_bPiFj8srSH1JBS7ala8HDn2ll9yLEqlmFHmpKQuJyQ-RHbB_EKQZGwji2X9GSCwTMrL_Wby8pBW-92qhVI-oWLzd1Mzti3GbklSjUk3FKcIcv2deqcscO-XQf-Nl-P_eud8wt-fBWvtevtx3mY4cD_vcS90rXhbNPEuw4kY0DHH_VgCxl8KMBzE6rpJ3BfjcCIw5SnkW5jnd8qSe2w_yfF1j_XFiIbHndUd3DzB-7TL84UDxfxUIihr_A2X4WJBWAlUjTWdickhgHGinOfEv90h6npg-p174-d7VKU-rLpKmtI3bHDCUpWB3ZYNEc_k8MfK-ZTNerzwu3csUJPqbFW09ch4dvETelRWxLrNxaKhMiEOZyvKYlSeuAS9V218UiHmm4C7kzayJ0kmF_q2LE-p-kyFXISlMye5byT9VRY10t9DnN0ZljRCTV6C8H8FKSl2jzQ1Wb9cXQXkwohcW_mgNaaw9J1TDVLWEaaJNuIRBeRoWvKrFFzcO3IsJdYF_BJtnd4RFjcAuLIvd00p0WNvnjeaeW-C2fcFXdxdb8VU3KqoXSiWHulfm_H-51vwDU_JYNwujjF6n2Psg9VH1q2dQm-rqKdZi957LxS0uZ-y2xf2aU_1_dXLfziRfH97aHUjE9oa3xUtWWzhP9WwWU7L82RHR99kXNO_jMtle_-lI16aNIz5fqz0DuFVBD5Rrbd4MMU76aox5VZn0i514ERnXkPcCYIuBWzsDkghANlY-vHmHpTUjqaD8SjPEoTjlOCrKt5cbPIoDKLlckalVEjikTeRDKAM7UD_5F46OchV6NeAuSBWpuYHr8xt2RPjE9q-nGyPoIPYmPQpjGhkAF-Jjl-hS7QFOCUYbLpy4Jn7F2HXKvs6eRcoXPmrPq0p_Q8msvqL7ZpKmoFLqVgBwVmN-qbbxO-x9PHM0OjwekLcwVWvZyGd57UITrJXTIommwfael8i0O-vwxMQIxhKwWNFuoSoEdkx6qP-od0hjN418yrLupXAfeppLek4H9DEWUFeSbtBaNJh1BASw_b7kz0mp698c7LooZqMo4b6Y2RLNVR5VdfR7K7k9k1JAMiv4_KIIS0FmuwyNsSYE47_ow9w4gHYP-efMyreMxwC-OoJ4cL9ObwoB-wMX9kT_C4Tgv0sbcWbnT9AlcjYyHgx_j7INreOrcR00igYxYOSVfdNBBJn1Ljswe-ps_qC47pyBmdtQbw0s__tH4IPwmkVaqV31PUrnZIW9bgsOLL_CZWrM3L3NESalSdvN_XHHlLDhVpu2eaBYzg5E4B_v-JJ8xLRJVzq_KBig29SjAbMFbvRCTg9MxZ-NARd8Qc7MI0_KXrCe52GGYAljdnuUI9hTiovxbMzcOwwshptQUlKJitcAzJDH5-JcVv5YBMl2nAk_R7q-9LMNM7g_wM4-uYEnnX8K0XhuMIz4gaoCuo_b0OULAD26s_Du0tk7g7i3MiI8dvaJeEWbcA3a196DVzwIw3vNgbY1z_PfuxlKVyhjOnd1xukgTCy5RAv1YLtU8XBiiuSu6-8e8xaQv2kdMrgNtP0LP0O4noVPxEQkjQbMpd3RAOGOdW5wERVI3YCICc0Tp3A9dr7NncV5QP9uRaPPsHPdXpZ5SccZNfEB1gQHq9j5kufz92eJM0DrF2j_A8pAFSh3v4wFpiNSDR_-2nOrhRyLBDhphBjge58rLgOefvJ2DSiytJ-nRaqDafKIWgweHOBS50f1UvYOF3avlPkj1-35YirPUOoYU5ysUPKShoqyf59bEB6nyer4QW3lX071AOGj5y5o6QSGLDnr2aRb4vr0abOKwJZ85NRPikz-Dn76pUM3H6MXEvHm9oaEOQyYcOY3inrod_Be3PXpFDnq62PLSkYHEaTZMGVEemRCbtwK6OAPDkyok2NfqElI8rupo1jY1BOeaeONFnvIuqN2ffP3trCkAS6iBX-pEeoautL5j5FSGsAfDak_RdUpH9beP-wO1zBV0aUOm2kfyh_FR-thEE6uo2yblv1xLSBoN4oDzFR0t1V63kVDXUhhOmQXGphWwesOieKO7YrTi-9h_n6cB94P9Q07rNE19nZj_FxwGUbkR6Y7_SCNF7jt38C6RuKitEeeSZWahtZYwSJBTltutTyh_ACoN_Hb9P9JXDKMa-JvthpjAQbNSpAAPrzavl8Z9ZKJzKxFSU3lbZ7slxfvxXbdvy2XsnnStevQT7FGGcc53wfxXYxnDgVDfBQrdfeypIi-CpoDjtYj4xheSAP24juKjDJ3sydCUIPq4KeLsjEmHtC1o4X9Htve8Gw3WcY9qaV_jM-xND8go5iQsuSZrKPgaben8w6qVp4GGEylBl6Qlfte3Pi7MmnpC7oNDI8elpjra_6iUf2_q1bjjl2akLVqwQbLAeAB61osDxrAnMQW7daKMrwRRipnc6PjlXSlBF9tVP_n64HzUOMkp8XwDGNy7KE7TZ1ZvYOrO_NhSOi2TfNqrFCR6pqEwnk-r6d9cW1bzZDQzdeKDN5kEmobDAtNY4Uu9BDaHX1wFwwGYiSdHASdyektZR47BL1xt3al84-53Z9gaslMpFi1uisM32Nmu2g2-lBflJhdwLoM3XSde8yMJxeWw1i4x3pTWIuX7su3yuOvcqYIo1XJPpD9u6uy1mpH4qHYFKGv05dL9ktmu3PzpisC64XybyCdopPdE7DGK6wkQ4PpMwGB8gGgCkUnpHD5nf__BRdHBf44Moq5mJ0tZo2UdaRJhOJo_Yz9RhX0POo5ixpNE-ULasrRtogNMFH3dNTxtD4WDepaEi7QfYQB02-YAvevhOQSiWEpeGDlVmLbncTZaOosiR1mOG0vtlCIqu2I3wO3sgb8IxNfCRYc4AZbZrxvDyqMB98n3sE8eL34CpHHxhJEi6HGunQzWWp3od-XvTsEzmnTTtje4_Sq6QXR34gS1uU6lzhzr4K72nMxrzLcWrRihEkWqIoJNULJlroPJczY3TTrHY8383pMoHsrtZtUY7MFyED0P8VlMl2Iypi2fc9oBAO_0OCrRm8qo1GenoHtDvfpUFhtOqYTwr8zNw51vs0ZQ52zooaf2_eCuLrtDjR28Yna9mirXGA_GFbHc9F5Xk3elVIiGuXa5U92gzsLwFiBmKFVz7N7KqiwGQ6lwrOJMPS2BcVdKpjBWqQtsx_BWQf7Co8OSpn7Lzcz9UsuHeFamYyC_HBh_C_e6AUXVhqKbU&cid=CAQSPABpAlJWwjjTRxHnV-YbGPWWVaxdIT5E8oHcRSfx4WrlwlRwnm3e7HlehRFkXocKlo8cfkLRXVOh4lO9qhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=4034034850252764700&adk=2004672170&idt=161&cac=0&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
fefa786b9c910f7639e5fd029f0989f51be56106e9ead9242d505a811a003f8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12418
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FB64 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309200101/pubads_impl.js?cb=31078075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 11:02:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F8B5 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CMHuI4EldRgICZGuiJR2iuVoFkKbAplZLbM0wuuV00-NXSgGUim8Px6OOjFbdqeLFnhJJDKjeu9y1IfPNKt87J5_nKqe1J-ya8ZusZvBakgAmaFXDvBEa19wt1OBUUxCAD99-xAJUr3Kr_OUO_A5I1bjXGhPJJ1vrvymVTDLXQ9717nx0&cry=1&dbm_d=AKAmf-Cicu4ZzLRKmv1dtHsX4bMI1NEnACs9yBFxSTgt38_pUBB_DVd0zbPjPoRYytZYSejcjmv1itv7tW3P0tH28qEg-Kzqj11rwC66k4zfh0e34L76DVmYoqEP-Hrk3SKYtnz8E3S7fGUIrQw0NEXBz5b3Pgvg28jMKJNlOOorC5wKWaNA-tWJXT3bFCxfgaQ0Dj_ZFSnQyIrlgBfJhsC5ceJDIFtPy5rvZMEvaM0e8CpwaB6yZ1Uyh8-vNtBvroEax8Qo_ebpvPIWsd_L7MzPJAzTGGplfsgpxhyWLguXd1SNnEfwK3udfwwdph5fVAMuAb8DGUf6SZq_vOLzB60TJCTAhfS00J7VFSHvXqCgSBkQvzD1SoqKsK8y9BQGwf2LKnKdbIsImiao6wcjLgmkBKZo62f3LHIkGtY46cYtaLa2SGiXk5H3HcPNf1UfcxfYOwPNxL6xe7ltVZwbsk-6EDZFlLjS_7Yt0CMuFZci0EbWznx7MJsjNDMEMCsvRZg5ht19kIl3D9fRueQTkxawvRV_w8xkEWmOprj4MWX-wZ-EsZtbJLOl9VEYfIVdiwuAFW919Oyyvrvyt6HtRAKXp9-AX2SbbzKOrAyEapsW_YVoC-rnIOMM0Lz1h9mYNqwRAqvaQg5R8wvT1Kqec91ucJSkSe9Mw5iMvDoY4ZbIY5LC5oSCefsSKoxpFlA2HaW2bV90os91Ds62kJbcLjg8v3TUrULWW7D2oCYElcrUxQKnHHM6EUPGzsspT2pJvkiYeHlEnUWEPI5XtczLVXkb42TLK09e_bPiFj8srSH1JBS7ala8HDn2ll9yLEqlmFHmpKQuJyQ-RHbB_EKQZGwji2X9GSCwTMrL_Wby8pBW-92qhVI-oWLzd1Mzti3GbklSjUk3FKcIcv2deqcscO-XQf-Nl-P_eud8wt-fBWvtevtx3mY4cD_vcS90rXhbNPEuw4kY0DHH_VgCxl8KMBzE6rpJ3BfjcCIw5SnkW5jnd8qSe2w_yfF1j_XFiIbHndUd3DzB-7TL84UDxfxUIihr_A2X4WJBWAlUjTWdickhgHGinOfEv90h6npg-p174-d7VKU-rLpKmtI3bHDCUpWB3ZYNEc_k8MfK-ZTNerzwu3csUJPqbFW09ch4dvETelRWxLrNxaKhMiEOZyvKYlSeuAS9V218UiHmm4C7kzayJ0kmF_q2LE-p-kyFXISlMye5byT9VRY10t9DnN0ZljRCTV6C8H8FKSl2jzQ1Wb9cXQXkwohcW_mgNaaw9J1TDVLWEaaJNuIRBeRoWvKrFFzcO3IsJdYF_BJtnd4RFjcAuLIvd00p0WNvnjeaeW-C2fcFXdxdb8VU3KqoXSiWHulfm_H-51vwDU_JYNwujjF6n2Psg9VH1q2dQm-rqKdZi957LxS0uZ-y2xf2aU_1_dXLfziRfH97aHUjE9oa3xUtWWzhP9WwWU7L82RHR99kXNO_jMtle_-lI16aNIz5fqz0DuFVBD5Rrbd4MMU76aox5VZn0i514ERnXkPcCYIuBWzsDkghANlY-vHmHpTUjqaD8SjPEoTjlOCrKt5cbPIoDKLlckalVEjikTeRDKAM7UD_5F46OchV6NeAuSBWpuYHr8xt2RPjE9q-nGyPoIPYmPQpjGhkAF-Jjl-hS7QFOCUYbLpy4Jn7F2HXKvs6eRcoXPmrPq0p_Q8msvqL7ZpKmoFLqVgBwVmN-qbbxO-x9PHM0OjwekLcwVWvZyGd57UITrJXTIommwfael8i0O-vwxMQIxhKwWNFuoSoEdkx6qP-od0hjN418yrLupXAfeppLek4H9DEWUFeSbtBaNJh1BASw_b7kz0mp698c7LooZqMo4b6Y2RLNVR5VdfR7K7k9k1JAMiv4_KIIS0FmuwyNsSYE47_ow9w4gHYP-efMyreMxwC-OoJ4cL9ObwoB-wMX9kT_C4Tgv0sbcWbnT9AlcjYyHgx_j7INreOrcR00igYxYOSVfdNBBJn1Ljswe-ps_qC47pyBmdtQbw0s__tH4IPwmkVaqV31PUrnZIW9bgsOLL_CZWrM3L3NESalSdvN_XHHlLDhVpu2eaBYzg5E4B_v-JJ8xLRJVzq_KBig29SjAbMFbvRCTg9MxZ-NARd8Qc7MI0_KXrCe52GGYAljdnuUI9hTiovxbMzcOwwshptQUlKJitcAzJDH5-JcVv5YBMl2nAk_R7q-9LMNM7g_wM4-uYEnnX8K0XhuMIz4gaoCuo_b0OULAD26s_Du0tk7g7i3MiI8dvaJeEWbcA3a196DVzwIw3vNgbY1z_PfuxlKVyhjOnd1xukgTCy5RAv1YLtU8XBiiuSu6-8e8xaQv2kdMrgNtP0LP0O4noVPxEQkjQbMpd3RAOGOdW5wERVI3YCICc0Tp3A9dr7NncV5QP9uRaPPsHPdXpZ5SccZNfEB1gQHq9j5kufz92eJM0DrF2j_A8pAFSh3v4wFpiNSDR_-2nOrhRyLBDhphBjge58rLgOefvJ2DSiytJ-nRaqDafKIWgweHOBS50f1UvYOF3avlPkj1-35YirPUOoYU5ysUPKShoqyf59bEB6nyer4QW3lX071AOGj5y5o6QSGLDnr2aRb4vr0abOKwJZ85NRPikz-Dn76pUM3H6MXEvHm9oaEOQyYcOY3inrod_Be3PXpFDnq62PLSkYHEaTZMGVEemRCbtwK6OAPDkyok2NfqElI8rupo1jY1BOeaeONFnvIuqN2ffP3trCkAS6iBX-pEeoautL5j5FSGsAfDak_RdUpH9beP-wO1zBV0aUOm2kfyh_FR-thEE6uo2yblv1xLSBoN4oDzFR0t1V63kVDXUhhOmQXGphWwesOieKO7YrTi-9h_n6cB94P9Q07rNE19nZj_FxwGUbkR6Y7_SCNF7jt38C6RuKitEeeSZWahtZYwSJBTltutTyh_ACoN_Hb9P9JXDKMa-JvthpjAQbNSpAAPrzavl8Z9ZKJzKxFSU3lbZ7slxfvxXbdvy2XsnnStevQT7FGGcc53wfxXYxnDgVDfBQrdfeypIi-CpoDjtYj4xheSAP24juKjDJ3sydCUIPq4KeLsjEmHtC1o4X9Htve8Gw3WcY9qaV_jM-xND8go5iQsuSZrKPgaben8w6qVp4GGEylBl6Qlfte3Pi7MmnpC7oNDI8elpjra_6iUf2_q1bjjl2akLVqwQbLAeAB61osDxrAnMQW7daKMrwRRipnc6PjlXSlBF9tVP_n64HzUOMkp8XwDGNy7KE7TZ1ZvYOrO_NhSOi2TfNqrFCR6pqEwnk-r6d9cW1bzZDQzdeKDN5kEmobDAtNY4Uu9BDaHX1wFwwGYiSdHASdyektZR47BL1xt3al84-53Z9gaslMpFi1uisM32Nmu2g2-lBflJhdwLoM3XSde8yMJxeWw1i4x3pTWIuX7su3yuOvcqYIo1XJPpD9u6uy1mpH4qHYFKGv05dL9ktmu3PzpisC64XybyCdopPdE7DGK6wkQ4PpMwGB8gGgCkUnpHD5nf__BRdHBf44Moq5mJ0tZo2UdaRJhOJo_Yz9RhX0POo5ixpNE-ULasrRtogNMFH3dNTxtD4WDepaEi7QfYQB02-YAvevhOQSiWEpeGDlVmLbncTZaOosiR1mOG0vtlCIqu2I3wO3sgb8IxNfCRYc4AZbZrxvDyqMB98n3sE8eL34CpHHxhJEi6HGunQzWWp3od-XvTsEzmnTTtje4_Sq6QXR34gS1uU6lzhzr4K72nMxrzLcWrRihEkWqIoJNULJlroPJczY3TTrHY8383pMoHsrtZtUY7MFyED0P8VlMl2Iypi2fc9oBAO_0OCrRm8qo1GenoHtDvfpUFhtOqYTwr8zNw51vs0ZQ52zooaf2_eCuLrtDjR28Yna9mirXGA_GFbHc9F5Xk3elVIiGuXa5U92gzsLwFiBmKFVz7N7KqiwGQ6lwrOJMPS2BcVdKpjBWqQtsx_BWQf7Co8OSpn7Lzcz9UsuHeFamYyC_HBh_C_e6AUXVhqKbU&cid=CAQSPABpAlJWwjjTRxHnV-YbGPWWVaxdIT5E8oHcRSfx4WrlwlRwnm3e7HlehRFkXocKlo8cfkLRXVOh4lO9qhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=4034034850252764700&adk=2004672170&idt=161&cac=0&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
14648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 06:58:24 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		0
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
sffe /
Resource Hash
c0fc6b0311c6ce151569fee1d73bcfeacb5b743650d6d0349aeb35150480a000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125690
x-xss-protection
0
expires
Fri, 22 Sep 2023 11:02:32 GMT
480_650.mp4
cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/ 		172 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Haarlem, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=65536-

Response headers

Date
Fri, 22 Sep 2023 11:02:32 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 65536-17211103/17211104
Connection
keep-alive
Content-Length
17145568
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 8BD6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
2728
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 10:17:04 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 0024 		0
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/ Frame CE45 		70 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/cd233a70afb96cd167e1530303b3d74f.js?tag=html5_display_upload/html5_exit_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
f262cc9f99ed794fac95b053ebc516d772c99b2c26f5090d43fdb0f5e24664b2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
580072
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
17178
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 17:54:40 GMT
expires
Sat, 14 Sep 2024 17:54:40 GMT
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2B00 		1 KB
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
30819
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Sat, 23 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/ Frame 8BD6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230920/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 08:40:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
8508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 08:40:44 GMT
l
www.google.com/ads/measurement/ Frame 8BD6 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8BD6 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 763D 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
30819
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Sat, 23 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 54A9 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
785ff0ce280100be75683550190bdcb6151cee53b20267c91afef88f78550977

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A30A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 10:20:23 GMT
expires
Sat, 21 Sep 2024 10:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CFEC 		0
0
truncated
/ Frame EDBC 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4827162d7155d077f7c60d61f57641634578a1a557c2993409e798f02a0b895

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EDBC 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 96B3 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 96B3 		0
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame 96B3 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 96B3 		0
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame 96B3 		0
0
ads
pubads.g.doubleclick.net/gampad/ Frame 96B3 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 20BF 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
30819
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 02:28:53 GMT
etag
48472445140208031
expires
Sat, 23 Sep 2023 02:28:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F8B5 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d019d75980bf17b58b05156bb6283d43c59467b8aa690d2dd867bca4c8ce83a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88B8 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8782642214041&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88B8 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8782642214041&version=m202309120101&ct=77&x=13&cor=159794977715089800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 88B8 		31 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Be_tRLn8i21ZzlQi9nQ5KqDm0q5MzMyHMGS_Ds0S7m9oSkhkZDorYMagvdJYBRK92sp7AloHwiVKZ4ms8yqCuOulFTWCcqwDilPiDwEB4VC-b2FpwdGCGn_e2eG4FHdV01RVQYpGcl_86xsuRVbBOFL8SyHA&cry=1&dbm_d=AKAmf-AFqA3X1qztpU1KVQRvyrryvsrSZ9UApyh4iWbdw9aZMQ7UKDOpp8SiMEEU8bxsNEQf3yLBW4LKD-VbuWDgf1fLoLyAIuw2khD819eSPSkdNpJyvBEe0HfKCZNWNJRdOPiLF-qtshXj_FIxdrtOWU80Wapo75I7kESb0F9Td6rIXgk9y_73Y2c-CFt6cSdOBenzf17DMS-9prsHXcqNoFCY4qmLDG3L9QCsjICfnfKpNByUSPfzhM2qf0AfDF4lHn5zJnrT_Tg9Ix7iiABkySaUZZJI2j_1P3NN7huJoKV6xV28Pk14cMlQkAZnP9Rh72oChf2FdfZcJ4AnT-JlJgk3ei7vo88LYvwIZoMp0TlnBtTdAM3XbEIueGt51ISXeduURAM-Mn6FcElbVBbLuUPcweM6Mn2hvEbTX_6rlXsUuV-QJv34jlXdU8k9atW6aRfYhXeN5cKuthkw3YZ0XZaDdR6hdvVosX6aZQffgTrZihadnGr2QaARsxH3YZwzLOFGxuoZ19V02zt4nFs5_K5KHRf14paF12iwQbuHqJ-ExWsJjVqkA2wgSD6gTHlFzhtFG7YXvSUJVqBM6UrAjFrp8pYLTPLAy6Ypm2hLE4nA-eTGP2Xq7NUCgC2AGpUoRL1uqFa_j08BqrCmby1ADuQb-IffZzMMmN9uP-63bHllk9bA9ylYAj6FRFTjjdV--Ujq0M3B-GMmEhKjB0SSaAx8SCO53UlC4-Ts2xl1a2JU-URg4_N9qtlgS_pvDYakj4bdM5f-mDMrRvmoRtWU2XQMKfFmDMffWaeHl6AuQ9hFTuzZMg3Rs4OTjjOuLuSERV2m_6QcKkZQA_pVTNrrRbCAwJg9D0KMT-I-yQsvHp8iVJ-6LZ-uCkNNriT5PUGouYc12oniOM6nqqKoZWmByACzwkdkWa1p2XeZNkdpZ78pYhBTI2zO_nD-H9K1URgv2KMFRokPSbwizimPPRyfZQi1kzUgrd-vgj26BfLGjnoOB87y1XMH5t7Ri-VLNI1btUPl0Ra6w7pZQRTlC2E7zPwHKDbfTozHHV82ozd5iwsYOwbSVhYd3B7HSh0cyj71SF7sqhcn4mEWk1c4xuoBxsYHm_au-Qr9ijHb8s1_dISQ-4iWW4VtbAJ1SKXG3rcJTVmur7gv-M8AHY4lMF0Vc_1V5JU-ZU4V_6RX7cQ8EQFiUNE8yNc2f-agChQF2fvbRY0AUPnVtsCjzG4Xr2HRM-FM61_pKh26uUtCn00GQGbSFxaJaBAUPR5m4osJr-rHRQbNuNDmDG1FzVwyxO0S0u9kUY2TnQ49OsOsYWvPtEaLlhlaQe4JEbjc5ev2TsnC4uhKTTIRK0yhA08DtMnt69kiDiGImcyyZmOuPKw3CIVLu2jCWzSEeaAwbeHHERlklS4zHuD1oYrHGzvde0Rd37daqQRi1pnZqYRtkWR-XcYzlNt79l5J47S_j13_b_GQWQ-fn6jIK4GCWYIPWRiBkG813CPC-JSim99qcGcZbvu7NXleanIsrM9AwZYI0yxBk_it5ehB_vwuQ67NE_LXL_G53SxbORewZtpEhAP-jGf1PPmny0Zau-aS9KqZBiGlGsXdw_X8YOEM6VmXahCK3IZk7QNmyIN3qFwfgowJ5aKRBBAe2mSNYE1iA8Su8n6XstHTSJjtS4R3u8GwM3kNVdx1vfgtk_lx_PdFKpKTa-PkNJ1uWAZ02trFbYyquSooOWHicPmykwLAnIWgSFldR3tx0Ny3TamlWcKxoQYzYOrJ6EBUjGU9_sovNZg067296za-MtBf6wMAPBkyBk3cMymQupSgY0PtzMRxdHV_agIJSMVSKYAmw_Tp5Ef_sdNZV_dvfYKf7PxD4aRYIK1vW5KF_OD38qi_XbY_lf780NRT_fyswN-Tm3n9gJTS6vWE4Ww8lj68UsiZncZcCuOZjhuTEwkgggEFwJ7Oet0Ecmv29nMx713OQfr2mDB_ac3QlJKSG5450Ei7Y88aXh8wYKJdRHj_HHoanIwBopzmPezNts1MAEsJQDu3TAMp7Z6zDqDHYbR2BFmdE3C4Wbvv0pRNCkRclh4_z9drvhRrutuk8d_FiBmZ52G1IWTymL4NbjcXU6RZFWkowi5EYH8tLZKAnXiydQtFOein02Q8HxDNcIVqiytsJiTt2cRvW7rq1578FQ60FK_nmdU6pUQixXy27DzRBhgvw-5yPfYYiW-3FSUdgsBEWNeZXP4J7kxgINJCH3w0LoCrDTt-voXwQwqT1lbfRL0RyO4Ec3mHLCM_TbSiUKbirxZXshSNm4znsiPiW60kZxza3fmzrGsLSVLt4pThj-_36egBquI3jpvH6zw925ryEev9eDycYxt93_bJrBBvU8QwCEEvJDkHN4L8SibJrNDw62N0NnBKP5pQwjzzzAirLnllRRqy-G22HjIneajAZG0fzmq70BqBNMIgxoMQeR729VqqSJEI4z2NaG9uqRGbRRR9mC_x1u9RX4E5yDiEVdPwvNwT7P1RysVRTPHa03gAQk6fz9dBd5pBSwQ1WX_mFnf3u7LkqJhqZz1X3revV83KXcTN8eu10_2OnY-WlnilbS1YmCUhfBtFcYm0qttMNjrPCHBblXMvS1iTtzF1nxPpw1SuaT9PcxmzeTSWLwWpMDezOrcX_r8TEKTMAHdvBSujfMuL5F7Xcb09hb0QvXEFhYcQ96OUwxEkr-zr-HAsdv5FFyqENjmEZsmeXWG7F1L6g-PNlmFZyrBtVbUtwd-F9Q06mT6Iz7QA3kOROYnqHfEIZoWGuPMInUhnCCVBB7vj2_vu1zdYBScaxof_YvARisT1SKsjLY7EtPCJq2glVT4tKwfde1II_q9rULVqGzlZVIuvwHDmppH0kqU64OFrtxsMtLrrqNf_HltqT7V21RfLBJ6UvCAgJYEe7kBUXpJkvknHQZYSSArjnWVNQuhGLks2bB6Utwdb-gmBHJZJYW5gGz2TIn5enZr6y-P5sll37KX6ZRqaN1Cehx2eHu0erG4eAk7KbOdzvgerQfXoptmobyb7Kc1W7mONe_7Hvv__4vyF9wdYyGwNWLXHCdmL-KutV_5FpG_ZdMbMBNhoRRIWeuPO3TsTJj7bb7NQhztq0ewtsoEETr9gom7wnkbZea6ize2upLM-1828LmS5lwbaGjXenDOK9CDOc4Wik7JqDYR8GSeua6gsSy-r7Mr-JeN2hFTVPuEJEXvqoqV9G1nwMRx8aKyE6cx9qphn6OWqShf5JPPb1dZ2SiQnfsaRUVtATodfvZ3jCF2b7GhcP7f_PLR-9YO0M4Z0s4V6PXuQwzzxfLDd-IbqpuFbWGkEIAv9oWyNXUX7cTEnIuL94p9ha4BeSquiuo9q6LqpQ6RdKoOEVEboBCx3IRiv9rfCxsd1KcycgKtY9mwJ-DV_05G3QLGs3nXJkWGSSxonF8evNDXk-fupqUrNGqbeD3ZKZpsJsh0ZCfNt3jBFEkXW08Mr28nXdpjdbKZ21WqunL_miUVOZKkZCVtDDjDqXhcvtw0rMVUNc9FaV_ZlPSqnYtP8VsGJ-KF0rq6pUtzD6hVMKSA9tKBrcICOoLxXnP01PfBCD1ilxPc1_PCpSIoCivwKsW8E75rW_GF0Cs7BocNrYMQpXRCa_79nUtSFMoTutAmNDYwbUzDBPelC9Q&pr=13%3AZQ10RgAAAADG7pLVsA045BZ-BLbBl163KxfdCA&cid=CAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ds=l&xdt=0&iif=1&cor=159794977715089800&adk=217762561&idt=133&cac=0&dtd=42
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a8c034ae42fc780fb6572aecd32f8e7973a9acb92b5ab67cd6d9419929a2bd31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18792
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 96B3 		0
0
pixel
cm.g.doubleclick.net/ Frame 2B00
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEI2SuHgQHuJgkAUnNGN_85M&google_cver=1&google_push=AXcoOmRBm1GTypbuE_uUQK76Ufhbg5pnTyfh0Uxy4BJoyUKbOxmnULNnriOEgSt7xfM9Ll8QEyiPTcIiMvGQg6zzyBN9sMVNu...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=_830750358622_
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=_830750358622_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=_830750358622_
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2B00
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL6MisYTWghec4af_cCFzdY&google_cver=1&google_push=AXcoOmRkyEDUishwnbFXxx109iPHEXhZnj4JUEkH6lfUsosBbGoFgqMb2h6F3ctOllz9S3EzpSZ8EKOxblIMY_Z4D4mXsML...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRkyEDUishwnbFXxx109iPHEXhZnj4JUEkH6lfUsosBbGoFgqMb2h6F3ctOllz9S3EzpSZ8EKOxblIMY_Z4D4mXsMLqoCvZ2A&google_hm=eS1qODhYaGJkRTJwRlZq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRkyEDUishwnbFXxx109iPHEXhZnj4JUEkH6lfUsosBbGoFgqMb2h6F3ctOllz9S3EzpSZ8EKOxblIMY_Z4D4mXsMLqoCvZ2A&google_hm=eS1qODhYaGJkRTJwRlZqcmJhWDd5dHJxU1drOG0uRGpwVH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Sep 2023 11:02:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRkyEDUishwnbFXxx109iPHEXhZnj4JUEkH6lfUsosBbGoFgqMb2h6F3ctOllz9S3EzpSZ8EKOxblIMY_Z4D4mXsMLqoCvZ2A&google_hm=eS1qODhYaGJkRTJwRlZqcmJhWDd5dHJxU1drOG0uRGpwVH5B
content-length
0
/
c1.adform.net/serving/cookie/match/ Frame 2B00 		0
0
pixelmatch
ap.lijit.com/dsp/google/ Frame 2B00 		0
0
exptsync
ads.yieldmo.com/ Frame 2B00 		0
0
pub
cs.chocolateplatform.com/ Frame 2B00 		0
0
pixel
cm.g.doubleclick.net/ Frame 2B00
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIL5lVLdS8H-jTk29Wweres&google_cver=1&google_push=AXcoOmTDUFVgcvuXc9Ywh3UBGWwV9qqxGBnQJ8oDQcCX6-RRXMByi2vCA7SLv_nyTheUZo9qmoTtya...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTDUFVgcvuXc9Ywh3UBGWwV9qqxGBnQJ8oDQcCX6-RRXMByi2vCA7SLv_nyTheUZo9qmoTtyaVgZ1rTze2fx3_7lDz0JnEKXQ&google_hm=ODYyNDY3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTDUFVgcvuXc9Ywh3UBGWwV9qqxGBnQJ8oDQcCX6-RRXMByi2vCA7SLv_nyTheUZo9qmoTtyaVgZ1rTze2fx3_7lDz0JnEKXQ&google_hm=ODYyNDY3NDc4NzY2MjUzNDI1MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmTDUFVgcvuXc9Ywh3UBGWwV9qqxGBnQJ8oDQcCX6-RRXMByi2vCA7SLv_nyTheUZo9qmoTtyaVgZ1rTze2fx3_7lDz0JnEKXQ&google_hm=ODYyNDY3NDc4NzY2MjUzNDI1MQ%3D%3D
date
Fri, 22 Sep 2023 11:02:32 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 2B00 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ij54Q3YuwOf4sw0NFMJ70FAnE9gPSR359iuOPcjDviicEkcV1xwHnT3QbxIm7Bw1lJuAVl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
bridge3.591.2_en.html
imasdk.googleapis.com/js/core/ Frame C83D 		723 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
sffe /
Resource Hash
80b9b7bcb98fcb97f7c595b97e92a34db3cc45f07ba183e0711c7c06b8082d83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
42399
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236868
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 23:15:54 GMT
expires
Fri, 20 Sep 2024 23:15:54 GMT
last-modified
Thu, 21 Sep 2023 23:07:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 674C 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 22 Sep 2023 11:28:46 GMT
pixel
cm.g.doubleclick.net/ Frame 763D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL6MisYTWghec4af_cCFzdY&google_cver=1&google_push=AXcoOmST1-d-yY1wPeLlDlZDnsFpWisTflKx9c2QYwlJWBotgjQiFTaAKhZK9DoiYQ4jeyQPtaUNZYhLFUKHROJGqUxUlfo...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmST1-d-yY1wPeLlDlZDnsFpWisTflKx9c2QYwlJWBotgjQiFTaAKhZK9DoiYQ4jeyQPtaUNZYhLFUKHROJGqUxUlfoCR7t4uw&google_hm=eS1qODhYaGJkRTJwRlZq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmST1-d-yY1wPeLlDlZDnsFpWisTflKx9c2QYwlJWBotgjQiFTaAKhZK9DoiYQ4jeyQPtaUNZYhLFUKHROJGqUxUlfoCR7t4uw&google_hm=eS1qODhYaGJkRTJwRlZqcmJhWDd5dHJxU1drOG0uRGpwVH5B
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Sep 2023 11:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmST1-d-yY1wPeLlDlZDnsFpWisTflKx9c2QYwlJWBotgjQiFTaAKhZK9DoiYQ4jeyQPtaUNZYhLFUKHROJGqUxUlfoCR7t4uw&google_hm=eS1qODhYaGJkRTJwRlZqcmJhWDd5dHJxU1drOG0uRGpwVH5B
content-length
0
/
b1sync.zemanta.com/usersync/googleadx/ Frame 763D 		0
0
pixel
im.bluevoox.com/ Frame 763D 		0
0
v1
match.sharethrough.com/E4rooAtA/ Frame 763D 		0
0
CAESEOsygJLwEiwuVrsrdGsvLtE
an.yandex.ru/mapuid/google/ Frame 763D 		0
0
google
trace.mediago.io/cs/ Frame 763D 		0
0
/
csync.loopme.me/ Frame 763D 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 763D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I5jAzPiI7Yo_iahXvYCmhKQW9k3hQmw2zsdjug7ftpSP4c5YcNEGClymqb_wpgzcAnhGXFF-SbpLk
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1695380553136&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1555&pt=2096854949&tz=120&viewable=true&ddast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vC!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ddbeab2687daccf77f6ca6803f852b1fe9f906a65289af736e49ae9e2a39f85

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 22 Sep 2023 11:02:33 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1434
x-cache
MISS
x-served-by
cache-ams21043-AMS
pragma
no-cache
server
nginx
x-timer
S1695380553.343038,VS0,VE46
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 96B3 		0
0
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CE45 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 19:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
54988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 22 Sep 2023 19:46:05 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CE45 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 02:28:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
30830
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 23 Sep 2023 02:28:43 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0A6B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
14648
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 06:58:25 GMT
expires
Sat, 21 Sep 2024 06:58:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gp_match
um.simpli.fi/ Frame 20BF 		0
0
/
dsp.adfarm1.adition.com/cookie/ Frame 20BF 		0
0
pixel
cm.g.doubleclick.net/ Frame 20BF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL6MisYTWghec4af_cCFzdY&google_cver=1&google_push=AXcoOmTxYvHV2KphgZE8N1IymKzzpBR7GqELnZWQ-UY1wterTpH5pMNTSHoD8oP4vNZhhlcBq68D9UoXlYuU_4O0lXlvbYA...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTxYvHV2KphgZE8N1IymKzzpBR7GqELnZWQ-UY1wterTpH5pMNTSHoD8oP4vNZhhlcBq68D9UoXlYuU_4O0lXlvbYA1bjlF&google_hm=eS1qODhYaGJkRTJwRlZqcm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTxYvHV2KphgZE8N1IymKzzpBR7GqELnZWQ-UY1wterTpH5pMNTSHoD8oP4vNZhhlcBq68D9UoXlYuU_4O0lXlvbYA1bjlF&google_hm=eS1qODhYaGJkRTJwRlZqcmJhWDd5dHJxU1drOG0uRGpwVH5B
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Sep 2023 11:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTxYvHV2KphgZE8N1IymKzzpBR7GqELnZWQ-UY1wterTpH5pMNTSHoD8oP4vNZhhlcBq68D9UoXlYuU_4O0lXlvbYA1bjlF&google_hm=eS1qODhYaGJkRTJwRlZqcmJhWDd5dHJxU1drOG0uRGpwVH5B
content-length
0
/
b1sync.zemanta.com/usersync/googleadx/ Frame 20BF 		0
0
us
sync.go.sonobi.com/ Frame 20BF 		0
0
pixelmatch
ap.lijit.com/dsp/google/ Frame 20BF 		0
0
pixel
cm.g.doubleclick.net/ Frame 20BF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIL5lVLdS8H-jTk29Wweres&google_cver=1&google_push=AXcoOmR4pEnCnyw9P4fwmQqdPWD27GLPbGsE5TVzdYPbFqERnOPIdZGZfovqXzE7lcKK2v9hz4QVz_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR4pEnCnyw9P4fwmQqdPWD27GLPbGsE5TVzdYPbFqERnOPIdZGZfovqXzE7lcKK2v9hz4QVz_GtzyCUCJeVFKmbCOhQXMf1&google_hm=ODYyNDY3ND...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR4pEnCnyw9P4fwmQqdPWD27GLPbGsE5TVzdYPbFqERnOPIdZGZfovqXzE7lcKK2v9hz4QVz_GtzyCUCJeVFKmbCOhQXMf1&google_hm=ODYyNDY3NDc4NzY2MjUzNDI1MQ%3D%3D
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR4pEnCnyw9P4fwmQqdPWD27GLPbGsE5TVzdYPbFqERnOPIdZGZfovqXzE7lcKK2v9hz4QVz_GtzyCUCJeVFKmbCOhQXMf1&google_hm=ODYyNDY3NDc4NzY2MjUzNDI1MQ%3D%3D
date
Fri, 22 Sep 2023 11:02:32 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 20BF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_TxDXxtvIuXkeFAUDeEVixBtQvVex0KRzny2HJUEEtOi_MwyeMFNSr4_sklYcbnHDyRwj
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 8BD6 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f930261186b863a5859f84e987dc648646ae7037e391b9c76e33ba9b79b6bf9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230920/r20110914/ Frame 88B8 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230920/r20110914/abg_lite.js
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 21:53:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
47330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11587
x-xss-protection
0
server
cafe
etag
192838463742493612
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Oct 2023 21:53:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 88B8 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 11:02:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 88B8 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 06:58:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
14649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2024 06:58:24 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BF17 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a66869cc101c430a9b9f14afaab705ddac514dcdf31b09c55b18566d4779738

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80aa0e6b08a9233d-ZRH
content-encoding
br
content-type
text/html
date
Fri, 22 Sep 2023 11:02:33 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54LeMZLo5gWddd3q1aawDc3J1zIl%2B0nk5rmoDD6Ex4Mxmoq0maIB2VUSeEA%2BKqoG%2BclgRt6jIq32L5euZEaoDKbFE0NLkNSbvYHRM%2Fla%2FBQl%2B4zhOaH9ozzZTU0q6v0%2FGDmtA2z%2BV7aaSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 96B3 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:33 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame 54A9 		0
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0
r62eglto.js
ad4m.at/ Frame 88B8 		25 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
327636
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATWTq7LxTdRr4oM3dwJfenWTnvfF22BRhZkB04Kq2jqqsGsIznUgKVRFNsPN6GZBGjHZ%2BLv%2BaQeYnuAbC7zEC%2BtwS9g52Yp0kw8af0nGK1QWN0DKzHWzbi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
80aa0e6b4c140b6e-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Sep 2023 16:30:21 GMT
frame.html
ad4m.at/ Frame 13F7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2564862
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
80aa0e6b8c9f0b6e-AMS
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 22 Sep 2023 11:02:33 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDryhToHM9UyBooLZI134Xxf4CBHc5I4tJNVVism0OILxCLiteTjur%2B%2BPnG8IuXpknbnypS5wNpoDhcz%2BI6IPnilu5Pna3VH8DVu9sZeiwsL6omxVbki5RQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame 8BD6 		0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLmHGR3QNZcXTM5OZ_tMPyZqd0AjJntKxXNWdkfdwwI23ARABIABg9e3HgdQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAuRd6Fr03rE-qAMByAMCqgS-Ak_QsCTWO4Fd5hwgHpZ8rCN9_OqSex0DN85Dx1jwO9pYDGwVs128P7oNYDj4I2Iz1UPQybU86Asik1LjXFDO2l0MK9BNUVT-7G55U5dNxXeqOOMzm9jynXekASiMwuG3ylfPTUDGIY3H47PCcXYLmpz-up3hLJXLGWC-6cJ0BB5zk2zE25DqnoHnVQ4vVQyXVG0g-s8erDNu_VtuqXUM3TJ3kkSv7dUZBpHtiwwnJH4CHZTRBlCsksmb2AOd4Jbm8EeAGZoaRRhjULWo_VqwUaP9-1P1HvQPMbMQX9xORnT6UmDiIas2TpJy5q5A4CikBwg6JIcjAUema6H8bR2-xM6PLOUBEyHyRB0QdMuVLsQvKRsUFzgAVVpYZJwOQrGm_zwxQLX5xrHzmTpuPEWt17KLKN-6_SBBiPJ1vQu3rIAGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=VPnZDIdQaWU&uach_m=[UACH]&cid=CAQSPABpAlJW0hBioLu8sSPdX8YtJomLNpd1-F74LxuwGPGAOzZOMnKcH1SyM_TiJvLXxUtW4Cx5lZifzuKiFRgB&cbvp=2&vis=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Sep 2023 11:02:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 8BD6 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1DA4 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230920&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
58320cd0462ef6a288f348e3a13fdafc025acd36add3253dc18140b996a88aef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11980
x-xss-protection
0
usermatchredir
ssum-sec.casalemedia.com/ Frame BF17
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQ10RwH_77UT8s5xuzaBIAAACIMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBJ50DDV3ixxS9Suyjb0vCY&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBJ50DDV3ixxS9Suyjb0vCY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H3
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROAXQVDEovJDewH%2BdOgc72f499TmCcQWBkrqo4BPbKh%2FyPogL0LmQwN3KIpPdhDwcX5h%2Fpj7RIR1UZO%2B%2FuuRUDhgTR0hOVQsmUNeyVjbCC48Yzgad9Ygr5hxcN2g%2BX5nEQ0yJv4dnuEG9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80aa0e6cab292355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBJ50DDV3ixxS9Suyjb0vCY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame BF17 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQ10RwH_77UT8s5xuzaBIAAACIMAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 11:02:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q84FMTXBHY6M39FYABKR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BF17 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame BF17
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5249776766648800446
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5249776766648800446
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H3
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=md9Pk1UCWp3XI0wSX5T62OwmDG4DIwjV10TMPIqrJeU5qXBllrTgwUGAs%2F6TSc662VSPCv56LT5uRwEbwuU%2B1FOdmut%2BATtSuxD%2BvEqzqza6ejKR88ViA%2B3PWd4SfF6wWo5IflcYOfOicw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80aa0e6cbb462355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
an-x-request-uuid
c98f3820-d5a9-4949-afea-569d2358594d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5249776766648800446
x-proxy-origin
85.218.70.160; 85.218.70.160; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
indexexchange
sync.adotmob.com/cookie/ Frame BF17 		0
0
CookieIndex
rtb.adentifi.com/ Frame BF17 		0
0
rum
dsum-sec.casalemedia.com/ Frame BF17
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3950746303987600696
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3950746303987600696
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H3
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4yJKMwPLKe6tO%2B9ApyJISUjMSKsSJ5%2Bpn7FgId%2F%2FclRi2LcNAFrHHjg8JOigMH8z2j8G%2BmKAU9SYnD0yngB9qkAiUfOOIJGfePAgxCuGfc9sJKrezRhvbFtrSOC4L0IxoQ57%2FZvMM7%2FOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80aa0e71ab842355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3950746303987600696
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame BF17
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=76D3EF1CEA0F483281FEE6027BABC5FA
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=76D3EF1CEA0F483281FEE6027BABC5FA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189372&gdpr=0
Protocol
H3
Server
104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFnw%2B9sOx3UX6ENee0MYkTimrVTYkbCQ6%2BTTKTVVPcV%2FC4bVPeqHxqob11kpcvvO2bCwlfkmn0u4Lm0Tschna%2BUs8mt%2Fl4MzuBRNfjRDniRY7TJhXe540k9QNB59SM93Kb8hANWZCxjsRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80aa0e6eceb62355-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 22 Sep 2023 11:02:33 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=76D3EF1CEA0F483281FEE6027BABC5FA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 21 Sep 2023 11:02:33 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame BF17 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 54A9 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstB0oKo95tfDbmmT-4dJgdxaXWcp_41rolz5QomlRFUeZ42MNUgTxMpY8ipT0xv0-Dp_Hr3CSnDAi9-CKzx7KeBfeZntJzElkhPGDwOeX2zwzThcqnmqQ8BSxQewG_uXSSxXFrXuc24Bw&sai=AMfl-YQRRAjibtedFmbVUMvpKexuN6MLCeoBiWXkNR1-j3xCshHDMt3FVCVuKDfILhmOxaMK0RG24UxJpkgtnB0gTRgv-A-3K6Ww-D38froexAfbc2WHtQNLy0tDn6Hu&sig=Cg0ArKJSzBxHTQEdRWp7EAE&cid=CAQSPABpAlJWYj3Fbf1HFGQp0Y4ADc3lPoDU4q7nOUS25XXXP9kMimTjNvAoxxHBnBIbDyL68q34c70Gf8XfYhgB&id=lidar2&mcvt=1023&p=60,295,310,595&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695380551314&rpt=1263&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
pagead2.googlesyndication.com/bg/ Frame 0A6B 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
186111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14650
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 07:20:42 GMT
tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
pagead2.googlesyndication.com/bg/ Frame A30A 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14772
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 10:17:06 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5ED8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
14648
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 06:58:25 GMT
expires
Sat, 21 Sep 2024 06:58:25 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
pagead2.googlesyndication.com/bg/ Frame A639 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Requested by
Host: 23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
URL: https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
186111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14650
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 07:20:42 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F8B5 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY8M1ST0BI5sLr-spIoN_CFC8D_gLLh7LQ2iRJG8fXGXLscr5pReenIX2OE9BGCtyWEOVgLaTLB4N87CHw0dtxjK2AKT-8FlX3TNFeR7OLFl-gwIFVoy4qTtp-cnazsorAsGc7k5KxUg&sai=AMfl-YRp1W76uzXibkjLEhH07As77KIZnsGB0YFZ4_T2s5nqGjE1bYzgKluGXEbnw99IuBxSVTBfMPJLyexL8BINZfZAD3ZnRtqWI1qPQ7Z9z3sXwYa91l9JCKnPd_uz&sig=Cg0ArKJSzJY01o6qgUeuEAE&cid=CAQSPABpAlJWwjjTRxHnV-YbGPWWVaxdIT5E8oHcRSfx4WrlwlRwnm3e7HlehRFkXocKlo8cfkLRXVOh4lO9qhgB&id=lidar2&mcvt=1071&p=1110,436,1200,1164&mtos=1071,1071,1071,1071,1071&tos=1071,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695380551715&rpt=895&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1DA4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 11:02:33 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 96B3 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:33 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
bridge3.591.2_en.html
imasdk.googleapis.com/js/core/ Frame 9EDB 		723 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.591.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
sffe /
Resource Hash
80b9b7bcb98fcb97f7c595b97e92a34db3cc45f07ba183e0711c7c06b8082d83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
42399
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236868
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 23:15:54 GMT
expires
Fri, 20 Sep 2024 23:15:54 GMT
last-modified
Thu, 21 Sep 2023 23:07:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 76BC 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 22 Sep 2023 11:28:46 GMT
480_650.mp4
cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/ 		0
0
1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
pagead2.googlesyndication.com/bg/ Frame CE45 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
186111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14650
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 07:20:42 GMT
text-31000px.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/ Frame CE45 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/text-31000px.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
c758b22131087205c0dc72ce512890adca6064d7efd97b3e77f0575fdc66d08c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 19:15:46 GMT
age
229607
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2255
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 18 Sep 2024 19:15:46 GMT
CTA21000px.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/ Frame CE45 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/CTA21000px.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
b41bdc3a31a7fd0399ae4aad24ff98ebff0fb4610e7e01350b45d2133c5cc974
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:26:01 GMT
age
225392
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3382
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 18 Sep 2024 20:26:01 GMT
CTA11000px.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/ Frame CE45 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/CTA11000px.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
293da54225a00e5a63e56cec9f282aebf16cfc55fb7caf43e7351ee9f4884299
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 17 Sep 2023 07:10:52 GMT
age
445901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2640
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 16 Sep 2024 07:10:52 GMT
text-21000px.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/ Frame CE45 		15 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/text-21000px.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
44f86ae6bd6afa062bdf4ae13b17860b21a5e1aecb1ecfa904169e4e00289b1a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Sep 2023 17:54:50 GMT
age
580063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4333
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Sep 2024 17:54:50 GMT
text-11000px.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/ Frame CE45 		21 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/text-11000px.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
d17267664169a565f232a5aa7bccef578776adca421ed7bf0b29d0f14015c061
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Sep 2023 12:48:37 GMT
age
512036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5390
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Sep 2024 12:48:37 GMT
Logo_ilmac1000px.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/ Frame CE45 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/Logo_ilmac1000px.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
ba8573490669fc6157ab33e033b388201ca4978bf61baeb25ffd0581744dd991
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Sep 2023 12:48:37 GMT
age
512036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1094
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Sep 2024 12:48:37 GMT
MCH_Ilmac_bg_300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/ Frame CE45 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/MCH_Ilmac_bg_300x250.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
665b52f6ed389534d31511c985e3dd86b9d2a196a6ce8d54395d6dabf7b73fa8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/521435426401284564/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 16 Sep 2023 12:48:37 GMT
x-content-type-options
nosniff
age
512036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54038
x-xss-protection
0
last-modified
Tue, 13 Jun 2023 07:55:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Sep 2024 12:48:37 GMT
1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
pagead2.googlesyndication.com/bg/ Frame 5ED8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1oOvdJ-Zd8iyZzymJJP8dpJcIY19edQL40-8Fy2m33E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 07:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
186111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14650
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 07:20:42 GMT
json
gum.criteo.com/sid/ Frame 		0
0
json
gum.criteo.com/sid/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
b6448943ab12ad9253b463462809d2cc64ba87b86170c6fc1579a71ef9fda35b

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 22 Sep 2023 11:02:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 22 Oct 2023 11:02:33 GMT
checksync.php
contextual.media.net/ Frame AC01 		0
0
isyn
prebid.a-mo.net/ Frame 8D78 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 22 Sep 2023 11:02:33 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
onetag-sys.com/usync/ Frame 7462 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1695380550093
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
911fe2487da11a48e070cf725b8967a63aab680542e378fe5af2b0b6e03f7924
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1210
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 11CC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Sep 2023 11:02:33 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame AE9F 		0
0
/
csync.smilewanted.com/ Frame 37FB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80aa0e6ddd281c87-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 22 Sep 2023 11:02:33 GMT
server
cloudflare
vary
Accept-Encoding
pd
adpushup-d.openx.net/w/1.0/ Frame 4B3E 		0
0
sync
eb2.3lift.com/ Frame 5B98 		0
0
ixmatch.html
js-sec.indexww.com/um/ Frame 0C12 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame FCDB 		0
0
usync.js
eus.rubiconproject.com/ Frame 11CC 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c2f9311522f3953763a4e8f71eaedc1e2c599ca4db6f3342f12ce5766ad60d0a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 11:02:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22 Sep 2023 07:06:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=72178
Connection
keep-alive
Content-Length
10515
Expires
Sat, 23 Sep 2023 07:05:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F18 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2531
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 10:20:23 GMT
expires
Sat, 21 Sep 2024 10:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2370 		0
0
img
sync.mathtag.com/sync/ Frame 7462 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695380550093
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x30 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 11:02:34 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x30 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 22 Sep 2023 11:02:33 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 7462 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695380550093
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7462 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=iMZTQ9yKvY6bqMgz0PtdWq2BIwWDaklcDLCGJIVQVK4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695380550093
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 7462 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695380550093
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:33 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame 7462 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695380550093
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 7462
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LlVr0YwrZ0rlGh3oHj4kHltnPyr8c5iopJZ3cX3vtn0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LlVr0YwrZ0rlGh3oHj4kHltnPyr8c5iopJZ3cX3vtn0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695380550093
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Sep 2023 11:02:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2ZR7ERWM5KFJKZYMBNRQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=LlVr0YwrZ0rlGh3oHj4kHltnPyr8c5iopJZ3cX3vtn0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
generic
match.adsrvr.org/track/cmf/ Frame 7462 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695380550093
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame 7462 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1695380550093
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.148.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-148-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
rs
ad4m.at/ Frame 88B8 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bd5d4d1ae6670a20fb6dfcd97f3bae6ab6669b3453081fbabe384202d7c6609

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s65B0qReLWDM5LlkogGn2I8bFUW%2F6%2Fk6j8gsq19oeLzQGrRuMhQNyxRYxoqlU7eHpz%2FtFJHEp5wTvKW2hHA43SKnrvLHPQy8P57OfZB1UkYqkiFUlaeRNSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cf-ray
80aa0e77ae7a1cb3-AMS
x-backend-server
aa-reachservice-group-europe-west1-7s0n
alt-svc
h3=":443"; ma=86400
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 37FB 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
176300
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
80aa0e7059ce1c87-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9EDB 		0
0
/
onetag-sys.com/match/
Redirect Chain
  • https://onetag-sys.com/usync/?tag=img
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=onetag&bsw_param=ff8274a0-150a-40f3-8007-83e33490fdf2&google_hm=ZmY4Mjc0YTAtMTUwYS00MGYzLTgwMDctODNlMzM0OTBmZGYy
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEF04e4tHm1l_5sZdtoEIlyo&google_cver=1&ssp=onetag&bsw_param=ff8274a0-150a-40f3-8007-83e33490fdf2
  • https://onetag-sys.com/match/?int_id=30&uid=ff8274a0-150a-40f3-8007-83e33490fdf2&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=ff8274a0-150a-40f3-8007-83e33490fdf2&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=ff8274a0-150a-40f3-8007-83e33490fdf2&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 22 Sep 2023 11:02:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ 		0
0
/
rtb-csync.smartadserver.com/redir/ 		0
0
/
rtb-csync.smartadserver.com/redir/ 		0
0
UCookieSetPug
image6.pubmatic.com/AdServer/ 		0
0
smart
sync.adotmob.com/cookie/ 		0
0
generate_204
tpc.googlesyndication.com/ Frame A30A 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5vg6Kg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
pagead2.googlesyndication.com/bg/ Frame 5F18 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14772
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 10:17:06 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://www.bg3.co
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80aa0e76fd891cb3-AMS
content-length
24
content-type
text/plain
date
Fri, 22 Sep 2023 11:02:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hjeiAk1VnRFvn9mQxeN%2BwGv%2F6ioJusBz20InPPPQzqa1ro4JRHyAc5xFh2s2jsKOUvSFS%2B479r1ziWA2swJOJiXJTbp0lfYRQeNX1NH6mGda7xPcuJk1y0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-7s0n
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A6B 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUWmcSHQNZZL9AcXo3gPwtL1AAAAAADgB4AQC&bg=!LS6lLmHNAAbbC4-Z-ws7ADQBe5WfOKgGVEBzDTQZHkWH2D0HVGs8HrZugcY4voXpb7rLCkMyz4xjekmRXd9IbsQwlmPgAgAAAmpSAAAABmgBB5kC-sArxgzoa7s-K71MCzEkvkSQYq3UqmWhOGkDjd6zxMCYAcyMApjhMOZYtF8lb0GTeBWWjmF7lkjI0vBjr-QjWhBQuDZ29f-ugNdy2ao6xg6CeLgXdwLs8jKChHniFkXaVBH_AyTbsl_ryVPMsbXmXmCaov8fdnZ-8aS8z279hgAY8994wzfIrG6tBD2TX6ZtEik80msgiCZ-ATOVx7pF3YesdlskihQcgw0PB4SEj-12JYYoG42f89ccyytYMxnGMfGQYuKbrw9rCdtwRjyuCW6-plSWaTztXJRbZRV4nSQdgPtGdH5ljdfsx1G8K50b91Fs1agPPfOc8TtSdJGtECUHM3isiI_y5ThxzST2_mpUDEuSTT6ga7JSsOdsBqVLZrlyhezjiRhTYX5IP6oeTKMAz61PKC1gKLmamTCo2yAahQmcPPeXZBfg75F8f26Aqg9sztzk1GqYj9Rrr3qgJFt4gJfEwn9JZvmcf9MSylnZ_gepvhkT00Y_Y3ii4r7K3JNV-a8VJIntcEn3Ls6Bg_-Qk2nnuG-i73FyINUPEwuh5P2hNF5B2mXfk47vvMPgG9w07TPO0puS41m3ioT_2o0ohJGPRYscRFNVC8FWnYxuqTXaVCTupIAYjxS5pAm5xtklxq4I-WZTqdUQWmeV3v0WisYzTh8Uv46FL3WYvDP6U0r5uM8KuqVoXO_6jcA3tjVp98JOPdPH2gEm1YxhS67NDEu3ajMaJ-hGVZQPgtroDsfgNJFk9P2ndU2wW2iPIkMHAsew4nZyZLiE78Tpn8KaqXlFK1qmxXdhPTskb2MTJt9FTzUhfTgMqkkNDpnxzxyoPmtMjWPkXcDLsbNecy3583dLBefajOy03ChAF8c2YurPECFLFScHr_aRALC2r4C-slJc_pCG_VYtoJG72Cc7pcbbiX3BFLLWD81do07Y-sd2N3eC2KhGXVEyMQX6S1TLAAZjRsvjuwLILrZhy7Uyh6PLh4WNip5M1AYqLT2O2nUIXLnFYJ-tPw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame C16A 		0
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80aa0e716b4b1c87-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 22 Sep 2023 11:02:34 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9FD7 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
a65a094de0d9f39f02860f75ad4973fa2c5a14dfd36e75ddf754b475bbc89194
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1099
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5ED8 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvTzvSHQNZcLOK5LT7_UPx5OgiAkAAAAAOAHgBAI&bg=!mpmlmdbNAAbbC4-Z-ws7ADQBe5WfOFV8011GoU80z8URnb6kTan-8JC2z2zD6cKcDR9MpjsX0kVCQMRvtUdH3k4lTw4FAgAAAPtSAAAACGgBB5kCvwpTNYLnRR2BHPAkBD5WFZXQJBpHDa5wQKq5M9M1ubnH7letTzZLehSrzUTHOo49lgCarTWFsy4eYbU9lEwQUd0C4PD8tUfodZIfD6iKEC619gU54CXwYBphEQxs_yd56N3b7hiCB7cn4DhqyK3bh4tagWAsULGUe_ojbg-HB9-uzRrpy5smX8a8mp_0n5b87LexNdwFV092x80qdYcn_YE7rd6CnLzPM2vYyxOo2Z6bpjSVpk5ZXat0Gin5hrBQtL6G05peheuev4Cgtu7uG0A41WN0oSUGp40a0kwEXYCQEkqo6VeNsl4HR490uhxavsTj9brohlkEwj-hABqFpMi8bqvaLeIEc85-8JUgbVOkyJQ76kWDKHO_dhnaLlmZqeT01c7Ys56_Cvw1OdPdKrS6EKymjJ1viRi3SKSR05xCkS29-AifDlku-cdrc_CEaPXs-JFJtxqsoFhNz1kdeKg2E3zScqYP4-4gDJf30_eKe1NlNqmZfKRtnipIlFyf-eVlSrA4gEG7hiQVtajpxFnanSaJvAaTqF0DNzTginVG3-cnX0meRBtz9I_Q77t7-Qyb6hBfVI2hUCz29NvX-N8_hU3Tr_0a7LPnK3-l70b5slP6XcQLmfedlwbI9aFXa7YHB9UdqbsbKnLBJkTkKnUXzXNt72hGzZHlSn5D50MyDpVt3w-02WdLc7Nzq0VxDqtpWiBkxS7cjrbG_zP_3t72iYqhqv8LLqgjs7RRVsWXFlVr4agEoS9mn6uJcUHCCW9PKROJGRv9Jje41CP5xTGZ-jleB3--gwpCIgmY7s97hcGVVEiphhX3w_dlO4w9S5xaAoP_3I8G3OR2tNasQKu73GMxzRtxBzSkuWnGhcIDOWFn9tMxduzpcInoYfPRIMb-9oqz2piMyKXY3w0JInMrgkdn5oRNgpEietd7LsQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
ap.lijit.com/ Frame B57B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 22 Sep 2023 11:02:34 GMT
X-Sovrn-Pod
ad_ap7ams1
img
sync.mathtag.com/sync/ Frame 9FD7 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1031 59fd23a master zrh zrh-pixel-x28 config_version:"1524" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 22 Sep 2023 11:02:34 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x28 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 22 Sep 2023 11:02:33 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9FD7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame 9FD7 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.148.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-148-2.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9FD7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9FD7 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Jm4xOfp8QUoWoGben7yXMIQZmUAk2DKwGKClu8O8REg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 9FD7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Jm4xOfp8QUoWoGben7yXMIQZmUAk2DKwGKClu8O8REg&gdpr=1&gdpr_consent=&us_privacy=
csync.smilewanted.com/set_partner_userid_get/onetag/ Frame 9FD7 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.smilewanted.com/set_partner_userid_get/onetag/Jm4xOfp8QUoWoGben7yXMIQZmUAk2DKwGKClu8O8REg&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-credentials
true
cf-ray
80aa0e71ec591c87-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame FF4B 		0
0
generate_204
tpc.googlesyndication.com/ Frame 5F18 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3lMz9w
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8B5 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1835539402113&version=m202309120101&ct=77&x=1&cor=4034034850252764700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rmpssp
sync.1rx.io/usersync2/ Frame 261C 		0
0
match
ads.betweendigital.com/ Frame 71FB 		0
0
smwt256.gif
us.ck-ie.com/ Frame B68C 		0
0
cookie
cm.adform.net/ Frame CB5A 		0
0
f9b6d94ac771c4d83119e0641958f8
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 6097
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/f9b6d94ac771c4d83119e0641958f8?gdpr_consent=&gdpr=0
0
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/f9b6d94ac771c4d83119e0641958f8?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
80aa0e743f821c87-AMS
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 22 Sep 2023 11:02:34 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 22 Sep 2023 11:02:34 GMT
Expires
Fri, 22 Sep 2023 11:02:34 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/f9b6d94ac771c4d83119e0641958f8?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1695380554776054-390
v1
match.sharethrough.com/universal/ Frame 07AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.250.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Fri, 22 Sep 2023 11:02:34 GMT
smw888.gif
us.ck-ie.com/ Frame 6EA0 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FB64 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309200101&jk=917026010943858&bg=!NzSlNHvNAAYrDsWMCw47ADQBe5WfOJF7hMk619ShFVAjSgThvX1JKfBfegNl2-GNTjvZfhHrbIbMBrRjj4op4jJIt1UcAgAAAmJSAAAAC2gBB5kCw9v5OprZe-hMvXlKkwJIU-1gTztdM8ghe4WNOhGqhRgusNeYw4P3mz2Kp9Ag9yvxzHdB8TKM3HvfwfkjS4lEydaNQZtg5Zfltl6Y3xsZvfF923bq-UedJvmNH5VUmLlvljBgsNMScIJj4RSxGSG8fexQh8ice8S_lDFlL5fbUKxTD9KwZPccsWUprrw8cj1xyiRR5SSpki2s-PskihiSzrPe4T990Dzvi5hRW4o2uvzXBmQw4PgIrI57d4ra-i_lRGJlvBbqiEqBQrp8TfNK49MoSPS-x4kvqX2Q8vHB7Kemo_N0WzVe_3n8wujlsNQ7pwhXpMkm0ihxDcKH5-bov9dw1OmHReg9-SwfWUIbJCXehB4dbP5Hs9hlFAafPstdFFB5amdRWi4Y45e7eOtnpv4YXOvUMLKVj1O4tN3vqqaB-yOKghIo0UJcv-UNlua-23heySBg9lbQtM9tyEt1rMqABDGznRizslBWRhVIBszg4mxMdITPsmxlBd04aSkKakWrz1SNk03rcza5NEhpXZakLIKNAJwwtmY2ayEyTvgrosdL6JE9sopahT0eFyhLRvvpUckVD5dHHK5ymZ9bWTXgoD-RO8on_pWXyvgBtXOZ4Xs3n9BIxotW48zRSD3s8xpBlOUFDG1cBZ_pH_NF6UPnuTpBRgCqIy3Eb3phPjWTiJ76L2QLPtXV5Narsra_SOTImLieY4S68GonGd5WG3S8rQKAbWZbk5v601h3k1C9syw8oKvWKX4ZcqXbgsh8cezBHml9U9vgb2wuwVHRJi6jHTYg6kt0Lt81J-subfmgfA263GVzJAkyNMg5GPPMVsEdsieeEKvHs-z6KuaPklvcak4Hglx_yXabasLfE6xDeJKhNnNLZ2IXGQUGL8qD_hF5R54HBKotKkHqBZgReiQ-85ur2_bWVnt5cIK3gyvwNSjx
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
pubads.g.doubleclick.net/gampad/ Frame 9EDB 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
7d71a11c9b10f304011d8573c241a1187ec6fbd442858ab139cc03b9a3dc99fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11989
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1DA4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230920&jk=15580226547372&bg=!Xl2lXRLNAAYrDsWMCw47ADQBe5WfOJXxvKwZlvibLslRiL1-yZaoq6vyMjpJnP2Lfxcof_j_23xeEBd3voYVhWjajeeXAgAAAHlSAAAADWgBBwoAP0rktBVvPBb94znNVTB_fZufJ2uKkmzozeMD3Zq4HGMM8rNteBW8hVABlwYoav6NVGAW_Pnq-HYcOegMu5l8MZkCwlKK5KxKeeDnzGjxXosaPp7GXkSJXVGFThAlH7X-yOokIighbeM7ySLYLyHkCdP-4WlWgX1XgDmS-7bs8VrpWkOX02t45RHf4znuRJL9NGZq0RNJtJhKDKt4vifLW2BOsrCLZxEORyqRFZgXg7Wg0gsth2cTVOsRQhXonna9HI4oSeKJx9iL5hB-Sx1_eKd6qrZhkyxCww5ztZVAMqVsOrudXgw-cJTiHbUUSUI15RcA9818m27REN6qqy3Z5jbEhhGrijU4ak59iyh-YaUa20XlU4CqGGeyk6lD5n3D-1XkdaAmYTBXGBOf_1F-f5Gsdi2liustA2sgghWXDy-9o4GQ81_owfqRFHzabqd3DQuZASs3Q5ToTFR1A7QNeP6ng_AWU4N0MXT97QSJnufoF_l-DFFWGaQ1GchRguhXSl3T7AwA1P0AoaWVo1kbDxHEWLMXQJndnT3ymsWtJvwd0yNafD3PXGuqromrg3XCzaPn8CvmTBbWB-uME1lyMCcZPZM7QpNdExCAWaeML-DDys5AezNJMbxeHRal3pVkcB3PqMRlwoJ_eh5yHynGeiTlllEGB_J3FKWYRxJOFIZhtFH0XPI1GmugIUHaMUI1WXHQW5ffwSbwsNBbKHYhdV4nrg2GznuQ2PbkGk5nYf1Wg8_Mope5eSjDalW6FBTR4lfSiSusYbYe8rgaxtrF5Ifr67AYjtguxueiXHP4lWR5LcLPioCalkAau1XxgQwgw0JZa7xEVanSKy_7pQ17NdWmltSZbS-n3sLRRtseD0dn6TXeK6L0hLsiru1G8RChw3daUN2g4TUpj1NBqlPegUL10l-c6Z7G8pkx4QHpk3F1AhalKpIKigjWHGLMEC0ncoioQ5wzIdHNaEOBxmmAwBj3dyeZXwWzBRKWZYEx2D23Sq_X3kLjC9u7_Ghd2wCe_XTRHMo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 11:02:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D2BA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 10:20:23 GMT
expires
Sat, 21 Sep 2024 10:20:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CF92 		0
0
tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
pagead2.googlesyndication.com/bg/ Frame D2BA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 10:17:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
2729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14772
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Sep 2024 10:17:06 GMT
rar
as.ad4m.at/ad/ Frame 4788 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329288&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2Cm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2C7QJUqfJq5mSwqK9hrHXHgtECYY4mHGT1TQ9HM&c=300&d=250&e=&g=c306115ee5d4af5b3637a7f55c3bb199%2F5362317468626664517&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695380555476&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCzqIaRXQNZcKjPMrkzQbAjbq4DMT-wtJoz8bNpokL-y4QASC35YQhYPXtx4HUBMgBCakCxiPSdGThsT6oAwHIA5sEqgSDAk_QvbR2AG2bbrHZWObdxcWKV2bpGHGk86RNX9CEV5JaZ9kC7g-Vi0QrvAzanRibJADYoZ-qLJMyojNiPuMRoWF_XjiQpHE2xsgT279sGZHZ6fNSevbVhDAjTkVCer2tnLmXIEkeYSVPL9B6leLMdoXFGecPLxkL4X_QJ_o3U9g6mWo-nglvtc9ufqBRY4-VPJtp9cE7KZDnzkrikGU_GKJyqLlIleUQ8W6wC6GCPu6Re_PBO4DtDkp4P_dC5xTO6mXRzFgnUW_ahVgD1fcp4sSG-nhe2SxPwixHN9Xvfm1WMYPPg4Y_VODMWl4lX6WtHyDEfmC_LGGh519PAbVdZLt1pBTABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIgtrD24i-gQMVSnLTCh3Ahg7HEAEYASAAEgKPevD_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE%2526sig%253DAOD64_36Tr3fA7ztO0n6_BkQWQgimCM6sQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DIpIw-xo1KrBM4NDs0sXeJTtrX3k_D_jlCGnoZzfyq6k-_53AEM_t_n6gTpBP8ZhOQP4sm9HSfhs7ccjH69JrJOuJqmtP7iUcpdmHkLw4LcglIhCxlecsxQnifB0x_09-weIL_c9cMBbhMsdMgnmaEsSHllA%2526cry%253D1%2526dbm_d%253DAKAmf-AYo3hY9DZaHxMfH3kNunOSA0dJNDjXdCG58kGEFzfmjhHCLFF6KKdz9u4ipge14A5rvwhFOlSAsnftInqgD03HIAvmK0DNQPjVrNrw3WISwQsU0HlYyCIQZyv3b52yLoEc7F2atOLW3RA2BhXsAfNXjAwQjv7a8sskAh_op81Z_pb65zU8j4jE7PSQwusGxAvcc3gZn0tVntBjrL30tl3tUA95btPJvjxyzvnPkLsojYB7qpvXjcsqoLoGqPtKs_4WsJrGpxxuJqqEWwuXMqXUsIuJ1Hw59Rb1vt2g8cuCIt1cTGWCYa9fBHxA8B_b4uFLtAUFPjvLBYlK29w0NGe-neLd5Mh-sT2R7361HbOwY5Wq3CDCj2ecESVNNjjSq7_4P1AGryx36ByJmvneJpO4Vti7KX87ijFczIlu-UODe8Xcme7jwuwFc3_29OdwYeiA8w2rCqS3K3V9lirPQLbZ7cunvqdB3W8TIvCboovMM06K6YLAYJ-8Z1zcwdl77M0zyPblJvopRBTxtq5aS1ybyvujqMQMbr_Y4xI4JDiaAIh5vqGf_LjpINPE-iWKYlgls5nKnJ_jjo-sfOG9a6DluETIXcyTekPS6PzDcLXAqcO982UZUCX7QW2yrKjeuGEKrLTv%2526adurl%253D&y=1&s=&z=0
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8749398f45e7ecf72f0d4fa724c1e8bfbf0395786d946874bf9035af62ea0d5f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
80aa0e786c690b6e-AMS
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 11:02:35 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88B8 		0
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8782642214041&version=m202309120101&ct=77&x=13&cor=159794977715089800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
generate_204
tpc.googlesyndication.com/ Frame D2BA 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?olfaUQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 4788 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329288&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2Cm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2C7QJUqfJq5mSwqK9hrHXHgtECYY4mHGT1TQ9HM&c=300&d=250&e=&g=c306115ee5d4af5b3637a7f55c3bb199%2F5362317468626664517&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695380555476&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCzqIaRXQNZcKjPMrkzQbAjbq4DMT-wtJoz8bNpokL-y4QASC35YQhYPXtx4HUBMgBCakCxiPSdGThsT6oAwHIA5sEqgSDAk_QvbR2AG2bbrHZWObdxcWKV2bpGHGk86RNX9CEV5JaZ9kC7g-Vi0QrvAzanRibJADYoZ-qLJMyojNiPuMRoWF_XjiQpHE2xsgT279sGZHZ6fNSevbVhDAjTkVCer2tnLmXIEkeYSVPL9B6leLMdoXFGecPLxkL4X_QJ_o3U9g6mWo-nglvtc9ufqBRY4-VPJtp9cE7KZDnzkrikGU_GKJyqLlIleUQ8W6wC6GCPu6Re_PBO4DtDkp4P_dC5xTO6mXRzFgnUW_ahVgD1fcp4sSG-nhe2SxPwixHN9Xvfm1WMYPPg4Y_VODMWl4lX6WtHyDEfmC_LGGh519PAbVdZLt1pBTABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIgtrD24i-gQMVSnLTCh3Ahg7HEAEYASAAEgKPevD_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE%2526sig%253DAOD64_36Tr3fA7ztO0n6_BkQWQgimCM6sQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DIpIw-xo1KrBM4NDs0sXeJTtrX3k_D_jlCGnoZzfyq6k-_53AEM_t_n6gTpBP8ZhOQP4sm9HSfhs7ccjH69JrJOuJqmtP7iUcpdmHkLw4LcglIhCxlecsxQnifB0x_09-weIL_c9cMBbhMsdMgnmaEsSHllA%2526cry%253D1%2526dbm_d%253DAKAmf-AYo3hY9DZaHxMfH3kNunOSA0dJNDjXdCG58kGEFzfmjhHCLFF6KKdz9u4ipge14A5rvwhFOlSAsnftInqgD03HIAvmK0DNQPjVrNrw3WISwQsU0HlYyCIQZyv3b52yLoEc7F2atOLW3RA2BhXsAfNXjAwQjv7a8sskAh_op81Z_pb65zU8j4jE7PSQwusGxAvcc3gZn0tVntBjrL30tl3tUA95btPJvjxyzvnPkLsojYB7qpvXjcsqoLoGqPtKs_4WsJrGpxxuJqqEWwuXMqXUsIuJ1Hw59Rb1vt2g8cuCIt1cTGWCYa9fBHxA8B_b4uFLtAUFPjvLBYlK29w0NGe-neLd5Mh-sT2R7361HbOwY5Wq3CDCj2ecESVNNjjSq7_4P1AGryx36ByJmvneJpO4Vti7KX87ijFczIlu-UODe8Xcme7jwuwFc3_29OdwYeiA8w2rCqS3K3V9lirPQLbZ7cunvqdB3W8TIvCboovMM06K6YLAYJ-8Z1zcwdl77M0zyPblJvopRBTxtq5aS1ybyvujqMQMbr_Y4xI4JDiaAIh5vqGf_LjpINPE-iWKYlgls5nKnJ_jjo-sfOG9a6DluETIXcyTekPS6PzDcLXAqcO982UZUCX7QW2yrKjeuGEKrLTv%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329288&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2Cm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2C7QJUqfJq5mSwqK9hrHXHgtECYY4mHGT1TQ9HM&c=300&d=250&e=&g=c306115ee5d4af5b3637a7f55c3bb199%2F5362317468626664517&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695380555476&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCzqIaRXQNZcKjPMrkzQbAjbq4DMT-wtJoz8bNpokL-y4QASC35YQhYPXtx4HUBMgBCakCxiPSdGThsT6oAwHIA5sEqgSDAk_QvbR2AG2bbrHZWObdxcWKV2bpGHGk86RNX9CEV5JaZ9kC7g-Vi0QrvAzanRibJADYoZ-qLJMyojNiPuMRoWF_XjiQpHE2xsgT279sGZHZ6fNSevbVhDAjTkVCer2tnLmXIEkeYSVPL9B6leLMdoXFGecPLxkL4X_QJ_o3U9g6mWo-nglvtc9ufqBRY4-VPJtp9cE7KZDnzkrikGU_GKJyqLlIleUQ8W6wC6GCPu6Re_PBO4DtDkp4P_dC5xTO6mXRzFgnUW_ahVgD1fcp4sSG-nhe2SxPwixHN9Xvfm1WMYPPg4Y_VODMWl4lX6WtHyDEfmC_LGGh519PAbVdZLt1pBTABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIgtrD24i-gQMVSnLTCh3Ahg7HEAEYASAAEgKPevD_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE%2526sig%253DAOD64_36Tr3fA7ztO0n6_BkQWQgimCM6sQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DIpIw-xo1KrBM4NDs0sXeJTtrX3k_D_jlCGnoZzfyq6k-_53AEM_t_n6gTpBP8ZhOQP4sm9HSfhs7ccjH69JrJOuJqmtP7iUcpdmHkLw4LcglIhCxlecsxQnifB0x_09-weIL_c9cMBbhMsdMgnmaEsSHllA%2526cry%253D1%2526dbm_d%253DAKAmf-AYo3hY9DZaHxMfH3kNunOSA0dJNDjXdCG58kGEFzfmjhHCLFF6KKdz9u4ipge14A5rvwhFOlSAsnftInqgD03HIAvmK0DNQPjVrNrw3WISwQsU0HlYyCIQZyv3b52yLoEc7F2atOLW3RA2BhXsAfNXjAwQjv7a8sskAh_op81Z_pb65zU8j4jE7PSQwusGxAvcc3gZn0tVntBjrL30tl3tUA95btPJvjxyzvnPkLsojYB7qpvXjcsqoLoGqPtKs_4WsJrGpxxuJqqEWwuXMqXUsIuJ1Hw59Rb1vt2g8cuCIt1cTGWCYa9fBHxA8B_b4uFLtAUFPjvLBYlK29w0NGe-neLd5Mh-sT2R7361HbOwY5Wq3CDCj2ecESVNNjjSq7_4P1AGryx36ByJmvneJpO4Vti7KX87ijFczIlu-UODe8Xcme7jwuwFc3_29OdwYeiA8w2rCqS3K3V9lirPQLbZ7cunvqdB3W8TIvCboovMM06K6YLAYJ-8Z1zcwdl77M0zyPblJvopRBTxtq5aS1ybyvujqMQMbr_Y4xI4JDiaAIh5vqGf_LjpINPE-iWKYlgls5nKnJ_jjo-sfOG9a6DluETIXcyTekPS6PzDcLXAqcO982UZUCX7QW2yrKjeuGEKrLTv%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1694166205
age
4361
cf-polished
origSize=118430
x-guploader-uploadid
ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
x-goog-generation
1694166236174866
content-type
text/css
x-goog-hash
crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnKEykFrFYcPzR92n4ZAvasKVZl8kGxuPehEH%2FR7TwsW8BHVSBdA6SUQVMFaYOAXip7KIlhid%2B0E0qB5hZeauUG%2F7eZjzi0eEw0G%2BDZy4FJfu%2F64N7L2RNORXIk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
118430
cf-ray
80aa0e790d440b6e-AMS
expires
Fri, 22 Sep 2023 12:02:35 GMT
D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
assets.ad4m.at/logo/ Frame 4788 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329288&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2Cm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2C7QJUqfJq5mSwqK9hrHXHgtECYY4mHGT1TQ9HM&c=300&d=250&e=&g=c306115ee5d4af5b3637a7f55c3bb199%2F5362317468626664517&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695380555476&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCzqIaRXQNZcKjPMrkzQbAjbq4DMT-wtJoz8bNpokL-y4QASC35YQhYPXtx4HUBMgBCakCxiPSdGThsT6oAwHIA5sEqgSDAk_QvbR2AG2bbrHZWObdxcWKV2bpGHGk86RNX9CEV5JaZ9kC7g-Vi0QrvAzanRibJADYoZ-qLJMyojNiPuMRoWF_XjiQpHE2xsgT279sGZHZ6fNSevbVhDAjTkVCer2tnLmXIEkeYSVPL9B6leLMdoXFGecPLxkL4X_QJ_o3U9g6mWo-nglvtc9ufqBRY4-VPJtp9cE7KZDnzkrikGU_GKJyqLlIleUQ8W6wC6GCPu6Re_PBO4DtDkp4P_dC5xTO6mXRzFgnUW_ahVgD1fcp4sSG-nhe2SxPwixHN9Xvfm1WMYPPg4Y_VODMWl4lX6WtHyDEfmC_LGGh519PAbVdZLt1pBTABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIgtrD24i-gQMVSnLTCh3Ahg7HEAEYASAAEgKPevD_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE%2526sig%253DAOD64_36Tr3fA7ztO0n6_BkQWQgimCM6sQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DIpIw-xo1KrBM4NDs0sXeJTtrX3k_D_jlCGnoZzfyq6k-_53AEM_t_n6gTpBP8ZhOQP4sm9HSfhs7ccjH69JrJOuJqmtP7iUcpdmHkLw4LcglIhCxlecsxQnifB0x_09-weIL_c9cMBbhMsdMgnmaEsSHllA%2526cry%253D1%2526dbm_d%253DAKAmf-AYo3hY9DZaHxMfH3kNunOSA0dJNDjXdCG58kGEFzfmjhHCLFF6KKdz9u4ipge14A5rvwhFOlSAsnftInqgD03HIAvmK0DNQPjVrNrw3WISwQsU0HlYyCIQZyv3b52yLoEc7F2atOLW3RA2BhXsAfNXjAwQjv7a8sskAh_op81Z_pb65zU8j4jE7PSQwusGxAvcc3gZn0tVntBjrL30tl3tUA95btPJvjxyzvnPkLsojYB7qpvXjcsqoLoGqPtKs_4WsJrGpxxuJqqEWwuXMqXUsIuJ1Hw59Rb1vt2g8cuCIt1cTGWCYa9fBHxA8B_b4uFLtAUFPjvLBYlK29w0NGe-neLd5Mh-sT2R7361HbOwY5Wq3CDCj2ecESVNNjjSq7_4P1AGryx36ByJmvneJpO4Vti7KX87ijFczIlu-UODe8Xcme7jwuwFc3_29OdwYeiA8w2rCqS3K3V9lirPQLbZ7cunvqdB3W8TIvCboovMM06K6YLAYJ-8Z1zcwdl77M0zyPblJvopRBTxtq5aS1ybyvujqMQMbr_Y4xI4JDiaAIh5vqGf_LjpINPE-iWKYlgls5nKnJ_jjo-sfOG9a6DluETIXcyTekPS6PzDcLXAqcO982UZUCX7QW2yrKjeuGEKrLTv%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612390dc0a3660eaa5c88b0b07b7a18edf9835864e940a7d644032e78033cc9f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1921314
cf-polished
origSize=14365, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
12701
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:11:46 GMT
server
cloudflare
etag
"405368a2037ee53412eae93c3ecf0526"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFyWp6aYpbdCJ4gfM9JlH2Nvbw2Jl1n4MDoLgPWa6Dcmkd%2FGX5m2cv%2FayQgyjelGdjj5227cSzHHYnvfO%2F3AlaSzRRyLVnySRF8C52jXHbsoDcBm%2FUpKsgy1%2BGebsAVd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80aa0e792d8c0b6e-AMS
expires
Sat, 23 Sep 2023 11:02:35 GMT
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame 4788 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329288&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2Cm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2C7QJUqfJq5mSwqK9hrHXHgtECYY4mHGT1TQ9HM&c=300&d=250&e=&g=c306115ee5d4af5b3637a7f55c3bb199%2F5362317468626664517&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695380555476&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCzqIaRXQNZcKjPMrkzQbAjbq4DMT-wtJoz8bNpokL-y4QASC35YQhYPXtx4HUBMgBCakCxiPSdGThsT6oAwHIA5sEqgSDAk_QvbR2AG2bbrHZWObdxcWKV2bpGHGk86RNX9CEV5JaZ9kC7g-Vi0QrvAzanRibJADYoZ-qLJMyojNiPuMRoWF_XjiQpHE2xsgT279sGZHZ6fNSevbVhDAjTkVCer2tnLmXIEkeYSVPL9B6leLMdoXFGecPLxkL4X_QJ_o3U9g6mWo-nglvtc9ufqBRY4-VPJtp9cE7KZDnzkrikGU_GKJyqLlIleUQ8W6wC6GCPu6Re_PBO4DtDkp4P_dC5xTO6mXRzFgnUW_ahVgD1fcp4sSG-nhe2SxPwixHN9Xvfm1WMYPPg4Y_VODMWl4lX6WtHyDEfmC_LGGh519PAbVdZLt1pBTABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIgtrD24i-gQMVSnLTCh3Ahg7HEAEYASAAEgKPevD_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE%2526sig%253DAOD64_36Tr3fA7ztO0n6_BkQWQgimCM6sQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DIpIw-xo1KrBM4NDs0sXeJTtrX3k_D_jlCGnoZzfyq6k-_53AEM_t_n6gTpBP8ZhOQP4sm9HSfhs7ccjH69JrJOuJqmtP7iUcpdmHkLw4LcglIhCxlecsxQnifB0x_09-weIL_c9cMBbhMsdMgnmaEsSHllA%2526cry%253D1%2526dbm_d%253DAKAmf-AYo3hY9DZaHxMfH3kNunOSA0dJNDjXdCG58kGEFzfmjhHCLFF6KKdz9u4ipge14A5rvwhFOlSAsnftInqgD03HIAvmK0DNQPjVrNrw3WISwQsU0HlYyCIQZyv3b52yLoEc7F2atOLW3RA2BhXsAfNXjAwQjv7a8sskAh_op81Z_pb65zU8j4jE7PSQwusGxAvcc3gZn0tVntBjrL30tl3tUA95btPJvjxyzvnPkLsojYB7qpvXjcsqoLoGqPtKs_4WsJrGpxxuJqqEWwuXMqXUsIuJ1Hw59Rb1vt2g8cuCIt1cTGWCYa9fBHxA8B_b4uFLtAUFPjvLBYlK29w0NGe-neLd5Mh-sT2R7361HbOwY5Wq3CDCj2ecESVNNjjSq7_4P1AGryx36ByJmvneJpO4Vti7KX87ijFczIlu-UODe8Xcme7jwuwFc3_29OdwYeiA8w2rCqS3K3V9lirPQLbZ7cunvqdB3W8TIvCboovMM06K6YLAYJ-8Z1zcwdl77M0zyPblJvopRBTxtq5aS1ybyvujqMQMbr_Y4xI4JDiaAIh5vqGf_LjpINPE-iWKYlgls5nKnJ_jjo-sfOG9a6DluETIXcyTekPS6PzDcLXAqcO982UZUCX7QW2yrKjeuGEKrLTv%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
500709
cf-polished
origFmt=png, origSize=17719
alt-svc
h3=":443"; ma=86400
content-length
14118
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Oct 2019 13:02:31 GMT
server
cloudflare
etag
"27a67b486c4e661d3a1c0664a26b354c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBkh77ABXW0Ic7AjlA0YHRh%2Frydcikssxu%2BOIidJErfvLXz3Los7BOFohM5lWUWfLqH3WGIRkCioISqjFWigDehi%2BCtZemqt%2Bs3AWe9IIMRDTmHFySm2PPh%2FdpJXqfsc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80aa0e792d8f0b6e-AMS
expires
Sat, 23 Sep 2023 11:02:35 GMT
cshow.php
www.awin1.com/ Frame 4788 		0
0
5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
assets.ad4m.at/logo/ Frame 4788 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329288&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2Cm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2C7QJUqfJq5mSwqK9hrHXHgtECYY4mHGT1TQ9HM&c=300&d=250&e=&g=c306115ee5d4af5b3637a7f55c3bb199%2F5362317468626664517&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695380555476&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCzqIaRXQNZcKjPMrkzQbAjbq4DMT-wtJoz8bNpokL-y4QASC35YQhYPXtx4HUBMgBCakCxiPSdGThsT6oAwHIA5sEqgSDAk_QvbR2AG2bbrHZWObdxcWKV2bpGHGk86RNX9CEV5JaZ9kC7g-Vi0QrvAzanRibJADYoZ-qLJMyojNiPuMRoWF_XjiQpHE2xsgT279sGZHZ6fNSevbVhDAjTkVCer2tnLmXIEkeYSVPL9B6leLMdoXFGecPLxkL4X_QJ_o3U9g6mWo-nglvtc9ufqBRY4-VPJtp9cE7KZDnzkrikGU_GKJyqLlIleUQ8W6wC6GCPu6Re_PBO4DtDkp4P_dC5xTO6mXRzFgnUW_ahVgD1fcp4sSG-nhe2SxPwixHN9Xvfm1WMYPPg4Y_VODMWl4lX6WtHyDEfmC_LGGh519PAbVdZLt1pBTABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIgtrD24i-gQMVSnLTCh3Ahg7HEAEYASAAEgKPevD_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE%2526sig%253DAOD64_36Tr3fA7ztO0n6_BkQWQgimCM6sQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DIpIw-xo1KrBM4NDs0sXeJTtrX3k_D_jlCGnoZzfyq6k-_53AEM_t_n6gTpBP8ZhOQP4sm9HSfhs7ccjH69JrJOuJqmtP7iUcpdmHkLw4LcglIhCxlecsxQnifB0x_09-weIL_c9cMBbhMsdMgnmaEsSHllA%2526cry%253D1%2526dbm_d%253DAKAmf-AYo3hY9DZaHxMfH3kNunOSA0dJNDjXdCG58kGEFzfmjhHCLFF6KKdz9u4ipge14A5rvwhFOlSAsnftInqgD03HIAvmK0DNQPjVrNrw3WISwQsU0HlYyCIQZyv3b52yLoEc7F2atOLW3RA2BhXsAfNXjAwQjv7a8sskAh_op81Z_pb65zU8j4jE7PSQwusGxAvcc3gZn0tVntBjrL30tl3tUA95btPJvjxyzvnPkLsojYB7qpvXjcsqoLoGqPtKs_4WsJrGpxxuJqqEWwuXMqXUsIuJ1Hw59Rb1vt2g8cuCIt1cTGWCYa9fBHxA8B_b4uFLtAUFPjvLBYlK29w0NGe-neLd5Mh-sT2R7361HbOwY5Wq3CDCj2ecESVNNjjSq7_4P1AGryx36ByJmvneJpO4Vti7KX87ijFczIlu-UODe8Xcme7jwuwFc3_29OdwYeiA8w2rCqS3K3V9lirPQLbZ7cunvqdB3W8TIvCboovMM06K6YLAYJ-8Z1zcwdl77M0zyPblJvopRBTxtq5aS1ybyvujqMQMbr_Y4xI4JDiaAIh5vqGf_LjpINPE-iWKYlgls5nKnJ_jjo-sfOG9a6DluETIXcyTekPS6PzDcLXAqcO982UZUCX7QW2yrKjeuGEKrLTv%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
490551
cf-polished
origFmt=png, origSize=10671
alt-svc
h3=":443"; ma=86400
content-length
2788
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 10:08:34 GMT
server
cloudflare
etag
"9acf9d00a48a7f6dbfd2227b1e5270f4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56ngWGJlISaMAcJ6%2FBMoygyAsHeKeCEk87qeQhGUV9oigS6qFI8NEzfKMff0%2BzkyN5LohbWCpBCay%2FjVIjhODZ4Kcap%2FMKUBtNlKO5NWbdEqGwiUkn1KJdWaOHUYTmQz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80aa0e792d910b6e-AMS
expires
Sat, 23 Sep 2023 11:02:35 GMT
83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
assets.ad4m.at/ Frame 4788 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329288&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2Cm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2C7QJUqfJq5mSwqK9hrHXHgtECYY4mHGT1TQ9HM&c=300&d=250&e=&g=c306115ee5d4af5b3637a7f55c3bb199%2F5362317468626664517&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695380555476&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCzqIaRXQNZcKjPMrkzQbAjbq4DMT-wtJoz8bNpokL-y4QASC35YQhYPXtx4HUBMgBCakCxiPSdGThsT6oAwHIA5sEqgSDAk_QvbR2AG2bbrHZWObdxcWKV2bpGHGk86RNX9CEV5JaZ9kC7g-Vi0QrvAzanRibJADYoZ-qLJMyojNiPuMRoWF_XjiQpHE2xsgT279sGZHZ6fNSevbVhDAjTkVCer2tnLmXIEkeYSVPL9B6leLMdoXFGecPLxkL4X_QJ_o3U9g6mWo-nglvtc9ufqBRY4-VPJtp9cE7KZDnzkrikGU_GKJyqLlIleUQ8W6wC6GCPu6Re_PBO4DtDkp4P_dC5xTO6mXRzFgnUW_ahVgD1fcp4sSG-nhe2SxPwixHN9Xvfm1WMYPPg4Y_VODMWl4lX6WtHyDEfmC_LGGh519PAbVdZLt1pBTABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIgtrD24i-gQMVSnLTCh3Ahg7HEAEYASAAEgKPevD_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE%2526sig%253DAOD64_36Tr3fA7ztO0n6_BkQWQgimCM6sQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DIpIw-xo1KrBM4NDs0sXeJTtrX3k_D_jlCGnoZzfyq6k-_53AEM_t_n6gTpBP8ZhOQP4sm9HSfhs7ccjH69JrJOuJqmtP7iUcpdmHkLw4LcglIhCxlecsxQnifB0x_09-weIL_c9cMBbhMsdMgnmaEsSHllA%2526cry%253D1%2526dbm_d%253DAKAmf-AYo3hY9DZaHxMfH3kNunOSA0dJNDjXdCG58kGEFzfmjhHCLFF6KKdz9u4ipge14A5rvwhFOlSAsnftInqgD03HIAvmK0DNQPjVrNrw3WISwQsU0HlYyCIQZyv3b52yLoEc7F2atOLW3RA2BhXsAfNXjAwQjv7a8sskAh_op81Z_pb65zU8j4jE7PSQwusGxAvcc3gZn0tVntBjrL30tl3tUA95btPJvjxyzvnPkLsojYB7qpvXjcsqoLoGqPtKs_4WsJrGpxxuJqqEWwuXMqXUsIuJ1Hw59Rb1vt2g8cuCIt1cTGWCYa9fBHxA8B_b4uFLtAUFPjvLBYlK29w0NGe-neLd5Mh-sT2R7361HbOwY5Wq3CDCj2ecESVNNjjSq7_4P1AGryx36ByJmvneJpO4Vti7KX87ijFczIlu-UODe8Xcme7jwuwFc3_29OdwYeiA8w2rCqS3K3V9lirPQLbZ7cunvqdB3W8TIvCboovMM06K6YLAYJ-8Z1zcwdl77M0zyPblJvopRBTxtq5aS1ybyvujqMQMbr_Y4xI4JDiaAIh5vqGf_LjpINPE-iWKYlgls5nKnJ_jjo-sfOG9a6DluETIXcyTekPS6PzDcLXAqcO982UZUCX7QW2yrKjeuGEKrLTv%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
500130
cf-polished
origFmt=png, origSize=161182
alt-svc
h3=":443"; ma=86400
content-length
97668
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 10:16:07 GMT
server
cloudflare
etag
"51d64cff249103fb8a1f53706965d58f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yfnc3trt2bSnKyQTsS3h2A9ZKofss0dkRbsBiJfBqEAC06l%2Fl%2FU3%2FoXGkvmLENu%2BK6ghdWc%2BHPTC6Dlmvb4Z2xFvfmNKbg2vca69zZVGuku%2ByMXMarm0r74BINwGQ2j2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80aa0e792d930b6e-AMS
expires
Sat, 23 Sep 2023 11:02:35 GMT
cshow.php
www.awin1.com/ Frame 4788 		0
0
EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
assets.ad4m.at/logo/ Frame 4788 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329288&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2Cm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2C7QJUqfJq5mSwqK9hrHXHgtECYY4mHGT1TQ9HM&c=300&d=250&e=&g=c306115ee5d4af5b3637a7f55c3bb199%2F5362317468626664517&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695380555476&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCzqIaRXQNZcKjPMrkzQbAjbq4DMT-wtJoz8bNpokL-y4QASC35YQhYPXtx4HUBMgBCakCxiPSdGThsT6oAwHIA5sEqgSDAk_QvbR2AG2bbrHZWObdxcWKV2bpGHGk86RNX9CEV5JaZ9kC7g-Vi0QrvAzanRibJADYoZ-qLJMyojNiPuMRoWF_XjiQpHE2xsgT279sGZHZ6fNSevbVhDAjTkVCer2tnLmXIEkeYSVPL9B6leLMdoXFGecPLxkL4X_QJ_o3U9g6mWo-nglvtc9ufqBRY4-VPJtp9cE7KZDnzkrikGU_GKJyqLlIleUQ8W6wC6GCPu6Re_PBO4DtDkp4P_dC5xTO6mXRzFgnUW_ahVgD1fcp4sSG-nhe2SxPwixHN9Xvfm1WMYPPg4Y_VODMWl4lX6WtHyDEfmC_LGGh519PAbVdZLt1pBTABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIgtrD24i-gQMVSnLTCh3Ahg7HEAEYASAAEgKPevD_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE%2526sig%253DAOD64_36Tr3fA7ztO0n6_BkQWQgimCM6sQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DIpIw-xo1KrBM4NDs0sXeJTtrX3k_D_jlCGnoZzfyq6k-_53AEM_t_n6gTpBP8ZhOQP4sm9HSfhs7ccjH69JrJOuJqmtP7iUcpdmHkLw4LcglIhCxlecsxQnifB0x_09-weIL_c9cMBbhMsdMgnmaEsSHllA%2526cry%253D1%2526dbm_d%253DAKAmf-AYo3hY9DZaHxMfH3kNunOSA0dJNDjXdCG58kGEFzfmjhHCLFF6KKdz9u4ipge14A5rvwhFOlSAsnftInqgD03HIAvmK0DNQPjVrNrw3WISwQsU0HlYyCIQZyv3b52yLoEc7F2atOLW3RA2BhXsAfNXjAwQjv7a8sskAh_op81Z_pb65zU8j4jE7PSQwusGxAvcc3gZn0tVntBjrL30tl3tUA95btPJvjxyzvnPkLsojYB7qpvXjcsqoLoGqPtKs_4WsJrGpxxuJqqEWwuXMqXUsIuJ1Hw59Rb1vt2g8cuCIt1cTGWCYa9fBHxA8B_b4uFLtAUFPjvLBYlK29w0NGe-neLd5Mh-sT2R7361HbOwY5Wq3CDCj2ecESVNNjjSq7_4P1AGryx36ByJmvneJpO4Vti7KX87ijFczIlu-UODe8Xcme7jwuwFc3_29OdwYeiA8w2rCqS3K3V9lirPQLbZ7cunvqdB3W8TIvCboovMM06K6YLAYJ-8Z1zcwdl77M0zyPblJvopRBTxtq5aS1ybyvujqMQMbr_Y4xI4JDiaAIh5vqGf_LjpINPE-iWKYlgls5nKnJ_jjo-sfOG9a6DluETIXcyTekPS6PzDcLXAqcO982UZUCX7QW2yrKjeuGEKrLTv%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
143308
cf-polished
origFmt=png, origSize=57632
alt-svc
h3=":443"; ma=86400
content-length
30756
cf-bgj
imgq:85,h2pri
last-modified
Wed, 04 Jan 2023 14:53:11 GMT
server
cloudflare
etag
"de40c3e9eed9e7f2fbbae8f194b696fe"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UexTegKnpVToZV%2FVOXcW0I4QZ%2FmHmgQZhL848yj%2FllFzWJH5PKBAh5NhfEeUQG7e%2BzKyWpNdjTZZ57Fqsa2aNcohjCPK4jP9kMJcMkIZo590uvKuCSEcRvBp%2F9jjOugi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80aa0e792d940b6e-AMS
expires
Sat, 23 Sep 2023 11:02:35 GMT
C86E2D12A7B1628C99F3B4993F6560074067235F08F8D2F768D13B03F0EF28B6B234DEBF887434086722B9D26AC125FF1A1D2E6F3EF121E1719854E1B081B422
assets.ad4m.at/ Frame 4788 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/C86E2D12A7B1628C99F3B4993F6560074067235F08F8D2F768D13B03F0EF28B6B234DEBF887434086722B9D26AC125FF1A1D2E6F3EF121E1719854E1B081B422
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329288&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2Cm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HA&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2C7QJUqfJq5mSwqK9hrHXHgtECYY4mHGT1TQ9HM&c=300&d=250&e=&g=c306115ee5d4af5b3637a7f55c3bb199%2F5362317468626664517&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695380555476&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCzqIaRXQNZcKjPMrkzQbAjbq4DMT-wtJoz8bNpokL-y4QASC35YQhYPXtx4HUBMgBCakCxiPSdGThsT6oAwHIA5sEqgSDAk_QvbR2AG2bbrHZWObdxcWKV2bpGHGk86RNX9CEV5JaZ9kC7g-Vi0QrvAzanRibJADYoZ-qLJMyojNiPuMRoWF_XjiQpHE2xsgT279sGZHZ6fNSevbVhDAjTkVCer2tnLmXIEkeYSVPL9B6leLMdoXFGecPLxkL4X_QJ_o3U9g6mWo-nglvtc9ufqBRY4-VPJtp9cE7KZDnzkrikGU_GKJyqLlIleUQ8W6wC6GCPu6Re_PBO4DtDkp4P_dC5xTO6mXRzFgnUW_ahVgD1fcp4sSG-nhe2SxPwixHN9Xvfm1WMYPPg4Y_VODMWl4lX6WtHyDEfmC_LGGh519PAbVdZLt1pBTABLHRpdQ44AQDiAXBz_t4kAYBoAZNgAeBjvI3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGF8yAooCOgKAQEi9_cE68ggNYmlkZGVyLTY5MzY1NoAKBJgLAcgLAYAMAaoNAkNIyA0BsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526gclid%253DEAIaIQobChMIgtrD24i-gQMVSnLTCh3Ahg7HEAEYASAAEgKPevD_BwE%2526num%253D1%2526cid%253DCAQSMgBpAlJWsWKG25J0C12GdArrbLuo8mft_Yo4pQcNVikPJ1TRl3XGot3Wk3l3ZWvmNJ1FGAE%2526sig%253DAOD64_36Tr3fA7ztO0n6_BkQWQgimCM6sQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DIpIw-xo1KrBM4NDs0sXeJTtrX3k_D_jlCGnoZzfyq6k-_53AEM_t_n6gTpBP8ZhOQP4sm9HSfhs7ccjH69JrJOuJqmtP7iUcpdmHkLw4LcglIhCxlecsxQnifB0x_09-weIL_c9cMBbhMsdMgnmaEsSHllA%2526cry%253D1%2526dbm_d%253DAKAmf-AYo3hY9DZaHxMfH3kNunOSA0dJNDjXdCG58kGEFzfmjhHCLFF6KKdz9u4ipge14A5rvwhFOlSAsnftInqgD03HIAvmK0DNQPjVrNrw3WISwQsU0HlYyCIQZyv3b52yLoEc7F2atOLW3RA2BhXsAfNXjAwQjv7a8sskAh_op81Z_pb65zU8j4jE7PSQwusGxAvcc3gZn0tVntBjrL30tl3tUA95btPJvjxyzvnPkLsojYB7qpvXjcsqoLoGqPtKs_4WsJrGpxxuJqqEWwuXMqXUsIuJ1Hw59Rb1vt2g8cuCIt1cTGWCYa9fBHxA8B_b4uFLtAUFPjvLBYlK29w0NGe-neLd5Mh-sT2R7361HbOwY5Wq3CDCj2ecESVNNjjSq7_4P1AGryx36ByJmvneJpO4Vti7KX87ijFczIlu-UODe8Xcme7jwuwFc3_29OdwYeiA8w2rCqS3K3V9lirPQLbZ7cunvqdB3W8TIvCboovMM06K6YLAYJ-8Z1zcwdl77M0zyPblJvopRBTxtq5aS1ybyvujqMQMbr_Y4xI4JDiaAIh5vqGf_LjpINPE-iWKYlgls5nKnJ_jjo-sfOG9a6DluETIXcyTekPS6PzDcLXAqcO982UZUCX7QW2yrKjeuGEKrLTv%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abca634537b90380561b7ce0dde0bde575ccdf766d22070121d30290419bd16c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
139939
cf-polished
qual=85, origFmt=jpeg, origSize=88710
alt-svc
h3=":443"; ma=86400
content-length
37292
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Sep 2023 07:58:41 GMT
server
cloudflare
etag
"41718607d1186a1b117f0586f1c38161"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdnAtcMXdqj74svPGjuf2ZHBEg6HMkufM%2F0zSvn4UBZT7Gz%2BflapjV4qtR96tCLrjv5vZGNmUA3JNXjGYp%2FfmfMA0x0A2tjaYhifuWFzSJcUiaJaYs6UAMUQbYodkEAe"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80aa0e792d950b6e-AMS
expires
Sat, 23 Sep 2023 11:02:35 GMT
449f5b35d42da36163b184dc2e527481
min.tryiqos.ch/trck/epv/ Frame 4788 		0
0
480_650.mp4
cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/ 		0
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 70A3 		273 B
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNVj9_5pT3MkDbhguyrgQt_uFsRlPNrb3hWikNYrWbtvCnHuEksURZwL2RLdPnPLbe4XZb-wjK52_K3euWF4vqUhiFnIgg
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Sep 2023 11:02:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
480_650.mp4
cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.150.144 Haarlem, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-150-144.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=229376-

Response headers

Date
Fri, 22 Sep 2023 11:02:36 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 229376-17211103/17211104
Connection
keep-alive
Content-Length
16981728
/
ads.smartstream.tv/cm/ Frame 70A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEFiwK2s7aioLWVyrM_IO734&google_cver=1
0
0
sync
ad.sxp.smartclip.net/ Frame 70A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBPjMgUHcE1nqrcDkDXlLMc&google_cver=1
0
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1695380556143&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1555&pt=2096854949&tz=120&viewable=true&ddast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vC!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:36 GMT
content-encoding
gzip
server
nginx
machineid
1463
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309180101&jk=2441781182541192&bg=!ubqluvXNAAYrDsWMCw47ADQBe5WfOD36xqOID2LL20vEO_oB8Dl1yF9TjFnvCIks53FpNLfipqtKFG0l-UP7RS3z5Cj6AgAAANVSAAAAC2gBB5kCsmVIIZJ_kVa8_5VmgyRfRMsK1cqOcsNKzNGxwwyFIoaOozp2iyadfDC__5Kow3IU1piDYIOlhnSP46FNx89aHESBX9em11JicYGD7dOfZ0Xt46LS4j8hU3jiD-QG_1_QiDZP4WQ2T8eUQWL4yCUqrz6Y03oc6H9UXdUktYVGa0Pim-yBxmbnjF7J0FFoGt56tpHTBPYAHXGc7ycmfftvsMdU-7frUPLaxC9f_bBrfz81xl4TjL5R0ArMerBCYhs13DujVRPaoC-FeoGCzKHwxnxJi_aPrEf9cX9rbIT9pcIy2gH4CoZ7BEdff_fBcI-5p3u79uOQEEqfJsalRTg3xvp0iDlzMt_GYn6QgncJavtDVWckHsrluJ3Ye1Dk0fi0PZcNl_UPgF_SWEhyNhpU8u_JdBU_zXZNMf5GC7JODIJmn0LbQ0TY2dvjupeZSu0hV5RpTvGdNcO8CjXptpTeKBNjVB7NWJZOyNAeOcRnEU7O5dBmSYVIMDBEMwB0Jq8vbFFa1gV8-eEOabLl8M_utRzZgC0AxCCxFcgtiPV3MgUFznKmScpR_CqzPBwWrlG3ckEKnyla3fPBV2dDHPONBjunggSo8PR8grl3ulrBWJNakTj6UZPDdDKhBWG6gMnEvljXmIvgYjCRQByjcfqweifN20vBIHkgjYZ0QMIex738OuLkm4nX7NlG2Q5H4mQWLxespCNMSP87y4Zrwn57mnKhRT6ETuGq2lzuNrm2-LJ-LZ_DoPdynq_clNyNan5Ol6YcB5qf64Ei-Itfcd-88UAaLoV23Vg_tpR1rQxLqz1v9ugPR7HK7pSPa8amrwd53ueqk0IkRV7q74sg_Op0akhFoJdhNpPTIsObYSEUBp34blQXy8lXJEwt35Iv6GYXMA6JdXRFoi5AvGZGHOB-XYsrcg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 88B8 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYFS0yatyVijEQ-qDv36Ya11uNIQcX5pishSFBHpvrGFAlIsdxK7pEHl7LDskTwRG_oBE3Ebxwuqh_AKr_sWYjmgZs_aIshYIeHk0lD8iR0jU&sig=Cg0ArKJSzBCbYMe41pMiEAE&id=lidar2&mcvt=1000&p=0,0,254,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230920&bin=7&avms=nio&bs=1600,1200&mc=0.98&app=0&itpl=32&adk=217762561&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695380551322&rpt=3263&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: d2q8xv8xf7whrd.cloudfront.net
URL: https://d2q8xv8xf7whrd.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi2=-2&tvi48=12611&tvi50=12261&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
64
date
Fri, 22 Sep 2023 11:02:36 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
61265
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-ams21043-AMS
pragma
no-cache
server
nginx
x-timer
S1695380557.731170,VS0,VE64
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39k0&_p=1180631796&cid=1067824878.1695380549&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1695380551&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=%E5%A8%81%E5%8A%9B%E5%BD%A9%E8%A1%9D9.2%E5%84%84%EF%BC%816%E9%9D%A2%E7%9B%B8%E5%A4%A9%E7%94%9F%E5%B8%B6%E8%B2%A1%20%E4%B8%AD%E7%8D%8E%E6%A9%9F%E7%8E%87%E6%9C%80%E9%AB%98%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pKTYoyDi0405Ex4C0uy0hMhF0OFmFEBeP03LJAnzat4%2ByTDKohKm%2BF5oPMmghWALXbCePC0wSiITrz5cEoKHKnspEf9V0Ut6%2B38E5usqSe2WNPD9vMAFHvKnOsA1i41MZOO%2B1%2B9eSxVGBnYVaNrOerT6ZPjVfMZTIWWmfOTz9BB5CmHAfQzMmiq%2Fp...
ad.vidverto.io/delivery/v2/content/tracking/progress/1813/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1813/pKTYoyDi0405Ex4C0uy0hMhF0OFmFEBeP03LJAnzat4%2ByTDKohKm%2BF5oPMmghWALXbCePC0wSiITrz5cEoKHKnspEf9V0Ut6%2B38E5usqSe2WNPD9vMAFHvKnOsA1i41MZOO%2B1%2B9eSxVGBnYVaNrOerT6ZPjVfMZTIWWmfOTz9BB5CmHAfQzMmiq%2FpYHoopME%2Flu7ODzsThzzaOhNkHb%2FUg%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 , Pakistan, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 11:02:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
perf
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/perf?tvi2=-2&tvi48=12611&tvi50=12261&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.bg3.co
pragma
no-cache
date
Fri, 22 Sep 2023 11:02:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1695380559147&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1555&pt=2096854949&tz=120&viewable=true&ddast=V82_kCLAYE1ZHZRg9XchEIqiOzjR6u5CoAAABgYID-AMnNXB7bzOFYKzfL3Vo0HMzcCsPCtpbZbKbBaDSY7AabISC5mctjmzkca-VmuVuLhoOZW2FY2NYym800GI0Gk91gMwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8upfTLXa6NQ6nW2P0231u5VqyfLpla6fD7hY-HXafW_R02N2ao8vuc4scTrfG4XRLj367zy11Ouw-t9TpFrve0tfTrXP47ULT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQGCH6_Ow213-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMcQGGPOTSn-ly8iBXpFGAEAAACo0jYCPTJJJ6hYVPn__--3AnAFACBAkdfRZSqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEdDxw0wBRo9ir-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gYnGtRibHwuFbrSab1Ww4GG1Gq43L5VgtVh7bZHvyPEz3LMmOC_tsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBlGe52GwmhrXCYlqsRbORYy0xrnZr5cQ1mG2Mu5HJMluLXh_TxzCbOTeuLRIMeNuL5GmRTiS24XC0Gu0Gu5XNtrI4d8OFzTMZTmbO3cK28KwmYonmZJFOZJd9xeJajUyOhcO3Wk02q9lwMNqMVhuXy7FarDy2yb7lWS42m4lhrbCYFmvRbORYS4yr3Vo5cQ1mG-NuZLLM1qLXx_QxzGbOjWvfmC1Xm-FgNVruG7PlajMcrEbLfYfO8F19zkZlWSX5mDSL68-pvDkNCpfB4n2pT-dhwVhQnz1Hp0lbWHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXvZxusdOtcTjdGqPf7nMr15Ll0y1bOx12t_DpsPvcoqfD7tYcXXafW-RwujUOp1t69Nt9bqnTYfe5pU632PWWvp5uncNvF5reZotYIjhdpBPRy3i6qP-oAVdzyWI41w3mitlglQAAAAAAAAAALME0000AAAAAnAxquBkuVut0MJPZZLBbLRfARVCWLmAQAAAAAACAYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwJWorj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAryAmk9li_wBUiLVarW431mq1AhbEcLmbTOD___8_!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxtrshold1-out_vC!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
c2873486ad00a81263c8fe631215484e7b53bebad120c697f3dc26172c350f50

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Sep 2023 11:02:39 GMT
content-encoding
gzip
server
nginx
machineid
1479
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/0ec16193fbf94e8f04b4c82e83fe112c.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/30b40a8f653b1ad5a251d180e17ec544.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/d48c5706dc22f4af94e4fd215fa21d92.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202108/6867bbacaa6c840c0d4c2649cb566a17.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/82b8803da32e713a2191163eb823431d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/6c1106bcfef9eaf08958b1901bef9b63.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/98543eb6deb01daae0e8f68c29eedd39.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/d2f763da9b212222ca279e8a2e9f5745.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/987d57254a7189384754d7e90a99bc92.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/e38fca65b55b2af8101db3e9a088bf3a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/161e84cf02985bf705610a82440aeb39.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/467cb227b609d35f616ca8dbc1490b5a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/3c5692996bc4b25f3fb783e706628fe1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1dfc46b2c93eedd5dab80a0bba0d7317.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/9a38b103e68cb48adfe08253963c5fb9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/9718aa940447578490a9e60aa15438e0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e9fa4e55a3ac61829abf2f738f4b61cf.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/06499bfc1146ff431d2c18123b55aa06.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/f38a80bdf234993b48524005c11366be.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202108/3631166877745cc343f00038b60dfc78.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/96ebb50427060984d741e3241f3ccc55.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/f5d9eb8369f7b35f1e0aa4898a6943d6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/bef354950e1169291832e2752c6adcad.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/08161d67507223938c2653ef805921c6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/3081b722d7128b221cd95fbc0b10d9f0.jpg?w=150&h=100&q=100
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2S5voK5DRMfSojOBpSc3R2YQQ2aqlnJL68CJZvTQKX7rdVkhqMwCVkOGSwBY6Comkii50QZr1gQnqm8NiMaEiUSJUVA
Domain
cdn.doubleverify.com
URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4253309&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0hFIjr89mEQ4496bDCQ_eFc&c1=3060631&auorder=1011813649&aulitem=20013415364&aucrtv=489026825&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&aubndl=&audeal=
Domain
cdn.doubleverify.com
URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0hFIjr89mEQ4496bDCQ_eFc&c1=3060631&auorder=1011813649&aulitem=20013415364&aucrtv=489026825&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&aubndl=&audeal=
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmuht1r1&c=596368379695&slotId=298184189847.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551855&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551857&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&cust_params=mt_fln%3D1.8&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551860&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551863&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&cust_params=mt_fln%3D1.3&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551865&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551868&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
cds.taboola.com
URL
https://cds.taboola.com/?uid=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&mbl=ZmFsc2U=
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNVj9_5pT3MkDbhguyrgQt_uFsRlPNrb3hWikNYrWbtvCnHuEksURZwL2RLdPnPLbe4XZb-wjK52_K3euWF4vqUhiFnIgg
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Domain
ads.eu.criteo.com
URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQ10RwAM6cUEf4yTAAdNSVNVYvFsGEOtFkzBeg&u=%7CnancNNeBwTkdSLLsxxFOax6PqYgpWlr8x0tT7DCeFsc%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VI8Lb1LADPR86t9IilBGOQ9CO35yLX7tj9w66Kx6bRTlBp552TWN9vff-vuFyVKqDPa7OeZNo8rBVM_n4ZuVa79740ZHn1qhFlyBFjJEJUzgc6Ud-mXzr1ZSPzkhZaQQjIcwA8gKJGK0XGhZ6Gkl6DKXtWtzDKbjBRp3XkLCvOnKe6jML8GxASoCTQMDW_ifdORO9Zlokf57xwAkdLBdg0HK4gAoJXRDzwfwxhxn5zl9RCcTlieYorXbxsvmSs1EE3byx1AVUdy02GALy7tCoxJ6bKi71DZX80vtJcz3pwPFwoj-Mcx7EcQep2hDu4w4nh0JaJPZmjaEDNnH2GpTsCQ8agl0ZUHCHt0ojHptC4LZ674Y19V1_NBrP2O_weqlFCobFkra5S17g40uETmig07-2lKHTSrj96PpezJbXa995SnHdHx9Sc7AWGdcF2sWbm_6C6v40vbsJY_AGlgJjJhOCHFjV03Qn8jw9-ZDT99YB5EKgRgY2OmCvLXuvBq95aP1gRH4wOoeUVMz5A10UBEuDgiWbbpYpE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZN5rR3QNZcXTM5OZ_tMPyZqd0AjJntKxXNWdkfdwwI23ARABIABg9e3HgdQEggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAuRd6Fr03rE-qAMByAMCqgTBAk_QsCTWO4Fd5hwgHpZ8rCN9_OqSex0DN85Dx1jwO9pYDGwVs128P7oNYDj4I2Iz1UPQybU86Asik1LjXFDO2l0MK9BNUVT-7G55U5dNxXeqOOMzm9jynXekASiMwuG3ylfPTUDGIY3H47PCcXYLmpz-up3hLJXLGWC-6cJ0BB5zk2zE25DqnoHnVQ4vVQyXVG0g-s8erDNu_VtuqXUM3TJ3kkSv7dUZBpHtiwwnJH4CHZTRBlCsksmb2AOd4Jbm8EeAGZoaRRhjULWo_VqwUaP9-1P1HvQPMbMQX9xORnT6UmDiIas2TpJy5q5A4CikBwg6JIcjAUema6H8bR2-xM6PLOUBEyHyRB0QdMuVLsQvKRsUFzgAVVoaZr2cwiJ2wprhZ2915lhXlx1kik-DzzA_4OIcD59fpOrtd5-XRShpH4AGsOCHv9DW1bcMoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3bLKNDhQhqwB8jLgxCS_fzRriWyg%26client%3Dca-pub-4485239425924787%26adurl%3D
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYUgyzWYqABr8kyedVNTz-eVP8jgwguR2rABDfarZr-JbbGq1aY6resRnpFTtAKoEA50g_miPI931cXbxUga2nIzioAg
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9j-CXiPUgVqAzgUWzCOPkLHxVI2l-FqGNDLTtbrLXrhVcLnA1ynRhOuZmgk15w70z9WgLqVt4V1s38OMnpMkjdoyO2DBCM3Ncv2WY_T7g3___6a-3ufaQBR1OZ9HCBJiEs2QIQo6_8l4dKf0nl3bMfSWwQmFVzxTM73OduW0TV4WgcvCMoJBq_Dlz5qGIxGAZoNkBY736ZZgct0SKPscUSy6pkj2MMMzRJ7DClXhmMJH0clZbahggltAkMHjbL99-VOcb22EgMxq9x-gr2c00BXoYvUxdvS8BPWF0_XZh4zkripWn5uE6KaYS-uAlWDQAd-bu&sai=AMfl-YSmHIRf1NWm5J0NNXMQaxITD47_VPOT-hiC7-ytZrfVaF6W-8RcagIIo5hs9Jismx-1S3JKZlDAkanO2y97GSnSIyS1uYjj7S7Ly5DrHp5ukHmYQ8EbWwjx0CWzMG2C812nsBUwBkpeVEsc8ATC&sig=Cg0ArKJSzJYXx3wms-gdEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551855&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551857&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&cust_params=mt_fln%3D1.8&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551860&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551863&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&cust_params=mt_fln%3D1.3&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551865&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551868&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmuht21z&c=596368379695&slotId=298184189847.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDaTrpZIvHP5XrcE6S2cfio&google_cver=1&google_push=AXcoOmRGOXhGjHZckmb0G2HSdfT9UvsHSSyb7AOPDYxfbYoCefW1JZd1g6M94JtiBc5sIChYhrnXWdbVFoJcq4x2KW9npw_Z7H9qGA
Domain
ap.lijit.com
URL
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAxaMtaaLwmQ2evioBEtlDY&google_cver=1&google_push=AXcoOmQNgVRhnLduvS1olCCNY01QDMaNPEqvGfig6ovO0Ad5AO8l2drus4AIOZ6t-Nsw6guSNYh17XPSqmEn1AoQyWshLgBsa5HwYw
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/exptsync?google_gid=CAESEHSpbC5hSrvJnh7m77HfgCA&google_cver=1&google_push=AXcoOmSZUYZWJmqkMktjAbt0IaoDcAzqYRDcFZe1gAw773aHw3PJd070igM69bTsfDWgdVTXoFsf_Eox7N0XU-AuGdsnTKyX83rI
Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEJPPPUXKrqCa3i6vpA0lNUw&google_cver=1&google_push=AXcoOmSyAgMMn4xV8zj5GxG_zlbnmuW783_UtG3azr5KytV9RBlAWnsFqqKpgY-2Xgg7bt5Bi7MDOtJ8_okPbq3J5kOSIqkLKQbSqQ
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKUVZdU6O5Hq4HQ3m13K1Oc&google_cver=1&google_push=AXcoOmTZR01klRYhoJMvg2Uti-jzt0xXXjuyNfWyYA8snzZm_RSinMfLuu-7t-a_BJExCUKhKFriT9xd4-PEUQpFKLrCwtIYEtygiw
Domain
im.bluevoox.com
URL
https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEKwsjul_eWL3Su6T4p73gl4&google_cver=1&google_push=AXcoOmRTYiRsAMweVkqyppDdeRWjbHDCFzPdWgthLxgvP34KeIu9hH-Zxqtz2M26ARYE9jtMPu9Bk-VZHcHmTTI8bHWBziXSf9na8zA
Domain
match.sharethrough.com
URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEPRip1zgUeIyNMYi2Zp_S5w&google_cver=1&google_push=AXcoOmTGk4AJATbeEw5NALsbJIUVZziS0cZa85Oiqqnf3m6jWokXA0p9RpEQM5ls2edsQKIJilpGLsxvIxEkBaahJ1fjVqvlEPD4NJc
Domain
an.yandex.ru
URL
https://an.yandex.ru/mapuid/google/CAESEOsygJLwEiwuVrsrdGsvLtE?ext-param=AXcoOmT4PYv0HDIrkVsomO3nRzfcn1Aj5GRty6Uh9KllpPp0yMmGSCU7su5ssJi0IirHKh-7MzBhrl48PEI6MfTggQUOOaV1_tcEVj8&partner-tag=yandex_ag&google_cver=1
Domain
trace.mediago.io
URL
https://trace.mediago.io/cs/google?google_gid=CAESENBFjiT8vG2tzNxIkNK5Vng&google_cver=1&google_push=AXcoOmS3DIyu_GAXWyynwr9sjgIfcGVerapZqJpbWnTKd1E5-QbTZKTa5okYBz7v3r6ryTJfEh44XDs_hapvrfk50ZdvYpBDT1vtrA
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEB2hmQgXnPAdgBZsll8-hpQ&google_cver=1&google_push=AXcoOmQA9lfJM7GKDrR0DJqmaTrwPEtb0q_jubNGbEXoIZcqoOTIaUmcmcesfx872przcKeAGHC9K4ExFmJ3WRloKi6L4CTvHKB6mCY
Domain
ad.vidverto.io
URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Domain
um.simpli.fi
URL
https://um.simpli.fi/gp_match?google_gid=CAESECzE0yXS007I0drRfkX3zes&google_cver=1&google_push=AXcoOmR7hc0_kzGYG98bHlAxMZFvaiuVvIuesQz1KdwslEeY0oYmtkiZbMAgvgGZkyDA6hcPuozYXPvjcKvfkYs26hGSxcQApuim
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKHAEF_6zErYoUvRBuvKkKI&google_cver=1&google_push=AXcoOmQbZwnixQ127Wtr0DwdI0wTkPW1-rccAb4o4SMoe5BA2tFj2TB2zc-CZdGLmLDIBeCArlL0NYc3bQ7N9AxAxHfrBdzDMjHg
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKUVZdU6O5Hq4HQ3m13K1Oc&google_cver=1&google_push=AXcoOmQo2DkzsCLMT5ymld_549g_cJ9kQiK13ctQ_Ovm1mZ7op5OU-y06w-WjN1tWgjvw1gUjKdEolqFrnjiFjzIqDQEaxbqJN1a
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQfACCkbw5zPIPJCoisR9czGQqB8oPE4eGt7vlI2kpyC0LOmCkKKV_d55_q4xnLfOah3eGC8a6p1lXFY08O6wjLMkJTHo3d%26google_hm%3D%5BUID%5D&google_gid=CAESEGjxAuhVkKP5TEgmm9bhoNI&google_cver=1
Domain
ap.lijit.com
URL
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAxaMtaaLwmQ2evioBEtlDY&google_cver=1&google_push=AXcoOmQSlZaTctaIbQo5fLvXwI5aq8aboIgCf-eWfSOLkwB0Z8TJFUD_9atXXAvRkJaXUGI5JBCaaWaUZF9_2wNgYhtgCpqROdgc
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgSsxRnQNZc-HN4LzzQaV-ajYAezb0IBz2cyxzcYR29keEAEguoTAM2D17ceB1ASgAajh7KIDyAEJqQLMmOXzoIWyPuACAKgDAcgDSKoE8wJP0NbMM1cfnkHVrSLJXqLca8kBqKUtSyJ6b5oMqBBRM5tNXg37qYEc3vSC3Gk-50uF-X5_gG8cY_OKk7xJsmpm51DgDWIx_PMy55Ss2QWszQVfkU4iD8QfFRQa2eyTw9WF_Mvukawa_BvMb6PEPftbwwhzSZ2j2yzKqoEHWx1AIx3W1M4Ae-7R9LaZO3SPDgYg6l8v_M1O5FIGZM3q9fTUwx6Yx1tQyvEU2M04-WhvFCbVTnOvLQYhxwTkMW2FR5tCPafcpFaN-5-P7EpGRthkKN2al5JKZu1VyB3c7a9Nf14KBGCUgqqApXeIIHfNUXnWwyXuDVsjjpaBvv6pCa1W_b9kCynWR426EH8_ViimKaTRS1bU1TymGYeT35X_bLxMqWUo2yY7m3PqZxA5hZWTzEyI0vNIXcgDFAVrZb34tgjxPxaNPczM0kjte3NHW6yKRPt-gO-4Ueb5z7UygRdwUouXwRSZ2MWqAzNBsvsXWlpqDcAE07HZ9asE4AQBiAXcrsPSSpIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfAnpNdqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqZcI0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCaCS1odHRwczovL3d3dy5pbG1hYy5jaC9lbi9iYXNlbC92aXNpdC9jYW1wYWlnbi-ACgPICwHaDBAKChDw762PwOG0oE8SAgED2BMK0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=FH8VAUN4qsY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPABpAlJWYj3Fbf1HFGQp0Y4ADc3lPoDU4q7nOUS25XXXP9kMimTjNvAoxxHBnBIbDyL68q34c70Gf8XfYhgB&template_id=419&cbvp=2&vis=1
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgSsxRnQNZc-HN4LzzQaV-ajYAezb0IBz2cyxzcYR29keEAEguoTAM2D17ceB1ASgAajh7KIDyAEJqQLMmOXzoIWyPuACAKgDAcgDSKoE8wJP0NbMM1cfnkHVrSLJXqLca8kBqKUtSyJ6b5oMqBBRM5tNXg37qYEc3vSC3Gk-50uF-X5_gG8cY_OKk7xJsmpm51DgDWIx_PMy55Ss2QWszQVfkU4iD8QfFRQa2eyTw9WF_Mvukawa_BvMb6PEPftbwwhzSZ2j2yzKqoEHWx1AIx3W1M4Ae-7R9LaZO3SPDgYg6l8v_M1O5FIGZM3q9fTUwx6Yx1tQyvEU2M04-WhvFCbVTnOvLQYhxwTkMW2FR5tCPafcpFaN-5-P7EpGRthkKN2al5JKZu1VyB3c7a9Nf14KBGCUgqqApXeIIHfNUXnWwyXuDVsjjpaBvv6pCa1W_b9kCynWR426EH8_ViimKaTRS1bU1TymGYeT35X_bLxMqWUo2yY7m3PqZxA5hZWTzEyI0vNIXcgDFAVrZb34tgjxPxaNPczM0kjte3NHW6yKRPt-gO-4Ueb5z7UygRdwUouXwRSZ2MWqAzNBsvsXWlpqDcAE07HZ9asE4AQBiAXcrsPSSpIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfAnpNdqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqZcI0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCaCS1odHRwczovL3d3dy5pbG1hYy5jaC9lbi9iYXNlbC92aXNpdC9jYW1wYWlnbi-ACgPICwHaDBAKChDw762PwOG0oE8SAgED2BMK0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=FH8VAUN4qsY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPABpAlJWYj3Fbf1HFGQp0Y4ADc3lPoDU4q7nOUS25XXXP9kMimTjNvAoxxHBnBIbDyL68q34c70Gf8XfYhgB&template_id=419&cbvp=2&vis=1
Domain
rtb.fr3.eu.criteo.com
URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6qtEYbWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQSHQNZTHRV6SIN3EdTzsAABIAAAoKQVFVQkR3RUJEdw&wp=ZQ10RwAM6cUEf4yTAAdNSVNVYvFsGEOtFkzBeg&cbvp=2
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Domain
rtb.adentifi.com
URL
https://rtb.adentifi.com/CookieIndex
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/ht/htw-pixel.gif?ZQ10RwH-77UT8s5xuzaBIAAA%262179
Domain
cdn.vidverto.io
URL
https://cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/480_650.mp4
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Domain
contextual.media.net
URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Domain
public.servenobid.com
URL
https://public.servenobid.com/sync.html
Domain
adpushup-d.openx.net
URL
https://adpushup-d.openx.net/w/1.0/pd
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/sync?
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/um/ixmatch.html
Domain
acdn.adnxs.com
URL
https://acdn.adnxs.com/dmp/async_usersync.html
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2492442299006157&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=70A35B83-F393-440B-81FE-AB79C4A1FD59&nel=0&eid=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380554324&cookie=ID%3Da450d890bb0bd2ee-2202212f85de003d%3AT%3D1695380549%3ART%3D1695380552%3AS%3DALNI_MaTrFqC-Pz_5XWb2yT5NvdeT0MROg&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=3175931746916122&ged=ve4_td6_tt2_pd6_la6000_er698.400.699.800_vi0.0.1200.1600_vp100_eb24171
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
Domain
ads.betweendigital.com
URL
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Domain
cm.adform.net
URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Domain
us.ck-ie.com
URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2492442299006157&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=70A35B83-F393-440B-81FE-AB79C4A1FD59&nel=0&eid=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380554324&cookie=ID%3Da450d890bb0bd2ee-2202212f85de003d%3AT%3D1695380549%3ART%3D1695380552%3AS%3DALNI_MaTrFqC-Pz_5XWb2yT5NvdeT0MROg&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=3175931746916122&ged=ve4_td6_tt2_pd6_la6000_er698.400.699.800_vi0.0.1200.1600_vp100_eb24171
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2578904&v=18851&q=382783&r=412871&pv=1&pref3=oneidxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Domain
min.tryiqos.ch
URL
https://min.tryiqos.ch/trck/epv/449f5b35d42da36163b184dc2e527481?tp=onetag&t=img&subid=oneidm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Domain
cdn.vidverto.io
URL
https://cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/480_650.mp4
Domain
ads.smartstream.tv
URL
https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEFiwK2s7aioLWVyrM_IO734&google_cver=1
Domain
ad.sxp.smartclip.net
URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBPjMgUHcE1nqrcDkDXlLMc&google_cver=1

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag string| path function| _statcounter object| TRC function| _typeof object| _tblConsole undefined| msg object| adRecover function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| AMP object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| aries undefined| $ undefined| jQuery string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| google_reactive_ads_global_state string| nam object| placementData function| runAnimCheck object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| _qevents object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| ucf object| request number| vidverto object| regeneratorRuntime object| aries_registry string| paramsString object| cmTag function| inView function| VASTClient object| _cm_wfCounters string| lastWfUrl function| IMA function| VidvertoPlayer object| vpbjsChunk object| vpbjs object| _aries function| startCMTagMain string| category boolean| noPreviewPage function| quantserve function| __qc object| ezt object| _qoptions function| shuffle object| entertainment object| arrToUse object| playlist object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog function| OvaMediaPlayer object| inViewWindow object| vidvertoPromiseCache object| closure_lm_896979 function| VidvertoPlayerVideoPlaylistUI object| google_ad_modifications object| google_prev_clients function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| closure_lm_74167 object| googDdmPs object| closure_lm_874234 object| GoogleGcLKhOms object| google_image_requests

68 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1695380549.F29D9D988C384F28DA1AE154EAC4D4B7.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1695380548.0
.statcounter.com/ Name: is_visitor_unique
Value: 1695380548396762845
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1695380549.1.0.1695380549.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1067824878.1695380549
.bg3.co/ Name: __gpi
Value: UID=00000cad11307ac9:T=1695380549:RT=1695380549:S=ALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw
www.bg3.co/ Name: __AP_SESSION__
Value: 784dced9-6d57-45ac-9114-929a823096cb
.doubleclick.net/ Name: IDE
Value: AHWqTUmGwjzWInXHCn8Mi0WGdPw97BXjrjjyrpPJ1O6bE5TE8CSdCT7JFOr3dqFvtDg
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3De39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: b060550c-78fb-4d42-ae5a-c93f0b3dba25
ad.vidverto.io/ Name: moxuuid
Value: f5d4492b-89e6-47f5-972d-deb5ce48bbb2
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1695466949
ad.vidverto.io/ Name: _mwayss_imp[24632][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[24632][frequencyPeriodEnd]
Value: 1695466949
ad.vidverto.io/ Name: _mwayss_camp_imp[11177][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[11177][frequencyPeriodEnd]
Value: 1695466949
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1695466949
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1695466949
.omnitagjs.com/ Name: ayl_visitor
Value: fbb11d100390519f7b9fe094a82b6414
.prebid.a-mo.net/ Name: __amc
Value: 1_1695380550_1695380550
.adnxs.com/ Name: uuid2
Value: 5249776766648800446
.teads.tv/ Name: tt_viewer
Value: 8de65766-eac3-4953-ab7c-489c0e510cf8
.bidswitch.net/ Name: tuuid
Value: ff8274a0-150a-40f3-8007-83e33490fdf2
.bidswitch.net/ Name: c
Value: 1695380550
.bidswitch.net/ Name: tuuid_lu
Value: 1695380550
a4p.adpartner.pro/ Name: apuid
Value: 6de5442d-c223-4af0-8af9-ffdc22a0c2d5
.aralego.com/ Name: sspid
Value: b70908e9-76aa-3428-ad37-ff692c54945e
ad.vidverto.io/ Name: adpartner
Value: f5d4492b-89e6-47f5-972d-deb5ce48bbb2
.yahoo.com/ Name: A3
Value: d=AQABBEZ0DWUCECmLG7zbQA1r9yDF_CISbzAFEgEBAQHFDmUXZbth0CMA_eMAAA&S=AQAAAhpCmuuqg4Vvia1dp6Wp8js
.smartadserver.com/ Name: pid
Value: 8624674787662534251
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.analytics.yahoo.com/ Name: IDSYNC
Value: 194o~2e2b
.rubiconproject.com/ Name: khaos
Value: LMUHT0YQ-14-JN4K
.pubmatic.com/ Name: SyncRTB3
Value: 1696550400%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3E20FE11-5339-42FF-852D-D1ADAB55E703
.criteo.com/ Name: uid
Value: 4e1a841e-47fb-4ec5-aa9f-3c3036c32dce
ad.mox.tv/ Name: onetag
Value: XxcILVs5nxfjoc5qhO4ztnylW-u6ZZfIkxh5c94nKOg
.aralego.com/ Name: euconsent-v2
Value:
ad.vidver.to/ Name: bidswitch_com
Value: ff8274a0-150a-40f3-8007-83e33490fdf2
.pubmatic.com/ Name: pi
Value: 159706:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.smartadserver.com/ Name: vs
Value: 615553=5639702
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1314164196%3B%24ql%3DMedium%3B%24qpc%3D1003%3B%24qt%3D73_450_542t%3B%24dma%3D0&c=1&l=2084847341&lo=-1362845330&lt=638309773511474860&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1314164196%3B%24ql%3DMedium%3B%24qpc%3D1003%3B%24qt%3D73_450_542t%3B%24dma%3D0
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1695380551.1.0.1695380551.0.0.0
.quantserve.com/ Name: mc
Value: 650d7447-a4bf7-9864c-ed93e
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bg3.co/ Name: __qca
Value: P0-1655619481-1695380550865
.amazon-adsystem.com/ Name: ad-id
Value: Ayq5ksH1QEEgtD5HOotgeLs
.casalemedia.com/ Name: CMID
Value: ZQ10RwH-77UT8s5xuzaBIAAA
.casalemedia.com/ Name: CMPS
Value: 2179
.casalemedia.com/ Name: CMPRO
Value: 2179
.bg3.co/ Name: __gads
Value: ID=a450d890bb0bd2ee-2202212f85de003d:T=1695380549:RT=1695380552:S=ALNI_MaTrFqC-Pz_5XWb2yT5NvdeT0MROg
.linkedin.com/ Name: bcookie
Value: "v=2&bc641b88-fc4c-482f-8054-c777f44aefc7"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTUzODA1NTI7MjswMjGn5poxPOPI4p7wEFGMBuaK8gJsYc9mFt5CNJl3v2DDng==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3084:u=1:x=1:i=1695380552:t=1695466952:v=2:sig=AQE_QBtVdRqpRWW7X5_YJ41U2il_pkBe"
.acuityplatform.com/ Name: auid
Value: 830750358622
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRS8RY3ScmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUvEWN0nI90aGlyZFBhcnR5VXNlcklkWkNBRVNFSTJTdUhnUUh1SmdrQVVuTkdOXzg1Tfv7hnZlcnNpb27C+w=="
.simpli.fi/ Name: suid
Value: 76D3EF1CEA0F483281FEE6027BABC5FA
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-22T11%3A02%3A33%22%7D
.turn.com/ Name: uid
Value: 3950746303987600696
.onetag-sys.com/ Name: OTP
Value: yXWw0iYOA-Lb9w2e-1wN2O802Uqj2PNXul3lDi68pB0
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr2qjJVDW+oJQZ97CUzJCVj1hlFXvj2m9WUaZPTTsR49StzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ek7+8UWvn5lu
.smilewanted.com/ Name: sw_user_params_infos
Value: nmKWvgFl19bIvOGpe2ze2vvdejnIJ1klj06xXGRwDpZK682qG0VUhRhKqLNwqlUjbMHg%2FUdJnDW65qPQT%2BLHcXs4cJ5AaMn4cIuiPQfZe0kQ2oiuMg5WfNDs9j10MdW2i0RmKIF4gp7ps9VUYmh4qWTkftU8UvEyfGCIlVHHb5htY%2FBELHpTC9Q0eMt0KpHmZFtWzs5a52s176ZHjpWx1g%3D%3D

94 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202107/6c1106bcfef9eaf08958b1901bef9b63.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/987d57254a7189384754d7e90a99bc92.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/82b8803da32e713a2191163eb823431d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/0ec16193fbf94e8f04b4c82e83fe112c.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/161e84cf02985bf705610a82440aeb39.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/d48c5706dc22f4af94e4fd215fa21d92.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/98543eb6deb01daae0e8f68c29eedd39.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/d2f763da9b212222ca279e8a2e9f5745.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/30b40a8f653b1ad5a251d180e17ec544.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/e38fca65b55b2af8101db3e9a088bf3a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202108/6867bbacaa6c840c0d4c2649cb566a17.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/467cb227b609d35f616ca8dbc1490b5a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/9a38b103e68cb48adfe08253963c5fb9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/06499bfc1146ff431d2c18123b55aa06.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/3c5692996bc4b25f3fb783e706628fe1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e9fa4e55a3ac61829abf2f738f4b61cf.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/f5d9eb8369f7b35f1e0aa4898a6943d6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/f38a80bdf234993b48524005c11366be.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/3081b722d7128b221cd95fbc0b10d9f0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/96ebb50427060984d741e3241f3ccc55.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1dfc46b2c93eedd5dab80a0bba0d7317.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/bef354950e1169291832e2752c6adcad.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/9718aa940447578490a9e60aa15438e0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/08161d67507223938c2653ef805921c6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202108/3631166877745cc343f00038b60dfc78.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 491)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2Evd2VpLWxpLWNhaS1jaG9uZy05LTJ5aS02bWlhbi14aWFuZy10aWFuLXNoZW5nLWRhaS1jYWktemhvbmctamlhbmctamktbHUtenVpLWdhby5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1695373351&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695380551009&bpp=187&bdt=1178&idt=595&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&correlator=596368379695&frm=23&ife=1&pv=2&ga_vid=1067824878.1695380549&ga_sid=1695380552&ga_hid=1226559512&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2390&biw=1600&bih=1200&isw=336&ish=280&ifk=2006889337&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31077222%2C31077969%2C42532403&oid=2&pvsid=15580226547372&tmod=209381583&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ux3ei7e82gdh&btvi=1&fsb=1&dtd=613
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cds.taboola.com/?uid=e39133b0-ab41-46d1-b857-9b506c87dd26-tuctc06f9c5&mbl=ZmFsc2U=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4253309&sid=18330&dvregion=0&unit=728x90&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0hFIjr89mEQ4496bDCQ_eFc&c1=3060631&auorder=1011813649&aulitem=20013415364&aucrtv=489026825&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&aubndl=&audeal=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0hFIjr89mEQ4496bDCQ_eFc&c1=3060631&auorder=1011813649&aulitem=20013415364&aucrtv=489026825&auxch=1&pltfrm=1&ausite=881479034793&turl=https://www.bg3.co/a/wei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&aubndl=&audeal=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmuht1r1&c=596368379695&slotId=298184189847.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551855&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551857&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&cust_params=mt_fln%3D1.8&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551860&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551863&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&cust_params=mt_fln%3D1.3&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551865&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551868&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmuht21z&c=596368379695&slotId=298184189847.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEJPPPUXKrqCa3i6vpA0lNUw&google_cver=1&google_push=AXcoOmSyAgMMn4xV8zj5GxG_zlbnmuW783_UtG3azr5KytV9RBlAWnsFqqKpgY-2Xgg7bt5Bi7MDOtJ8_okPbq3J5kOSIqkLKQbSqQ
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAxaMtaaLwmQ2evioBEtlDY&google_cver=1&google_push=AXcoOmQNgVRhnLduvS1olCCNY01QDMaNPEqvGfig6ovO0Ad5AO8l2drus4AIOZ6t-Nsw6guSNYh17XPSqmEn1AoQyWshLgBsa5HwYw
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDaTrpZIvHP5XrcE6S2cfio&google_cver=1&google_push=AXcoOmRGOXhGjHZckmb0G2HSdfT9UvsHSSyb7AOPDYxfbYoCefW1JZd1g6M94JtiBc5sIChYhrnXWdbVFoJcq4x2KW9npw_Z7H9qGA
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 491)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ads.yieldmo.com/exptsync?google_gid=CAESEHSpbC5hSrvJnh7m77HfgCA&google_cver=1&google_push=AXcoOmSZUYZWJmqkMktjAbt0IaoDcAzqYRDcFZe1gAw773aHw3PJd070igM69bTsfDWgdVTXoFsf_Eox7N0XU-AuGdsnTKyX83rI
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2S5voK5DRMfSojOBpSc3R2YQQ2aqlnJL68CJZvTQKX7rdVkhqMwCVkOGSwBY6Comkii50QZr1gQnqm8NiMaEiUSJUVA
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYUgyzWYqABr8kyedVNTz-eVP8jgwguR2rABDfarZr-JbbGq1aY6resRnpFTtAKoEA50g_miPI931cXbxUga2nIzioAg
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEB2hmQgXnPAdgBZsll8-hpQ&google_cver=1&google_push=AXcoOmQA9lfJM7GKDrR0DJqmaTrwPEtb0q_jubNGbEXoIZcqoOTIaUmcmcesfx872przcKeAGHC9K4ExFmJ3WRloKi6L4CTvHKB6mCY
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://trace.mediago.io/cs/google?google_gid=CAESENBFjiT8vG2tzNxIkNK5Vng&google_cver=1&google_push=AXcoOmS3DIyu_GAXWyynwr9sjgIfcGVerapZqJpbWnTKd1E5-QbTZKTa5okYBz7v3r6ryTJfEh44XDs_hapvrfk50ZdvYpBDT1vtrA
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEKwsjul_eWL3Su6T4p73gl4&google_cver=1&google_push=AXcoOmRTYiRsAMweVkqyppDdeRWjbHDCFzPdWgthLxgvP34KeIu9hH-Zxqtz2M26ARYE9jtMPu9Bk-VZHcHmTTI8bHWBziXSf9na8zA
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEPRip1zgUeIyNMYi2Zp_S5w&google_cver=1&google_push=AXcoOmTGk4AJATbeEw5NALsbJIUVZziS0cZa85Oiqqnf3m6jWokXA0p9RpEQM5ls2edsQKIJilpGLsxvIxEkBaahJ1fjVqvlEPD4NJc
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKUVZdU6O5Hq4HQ3m13K1Oc&google_cver=1&google_push=AXcoOmTZR01klRYhoJMvg2Uti-jzt0xXXjuyNfWyYA8snzZm_RSinMfLuu-7t-a_BJExCUKhKFriT9xd4-PEUQpFKLrCwtIYEtygiw
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKUVZdU6O5Hq4HQ3m13K1Oc&google_cver=1&google_push=AXcoOmQo2DkzsCLMT5ymld_549g_cJ9kQiK13ctQ_Ovm1mZ7op5OU-y06w-WjN1tWgjvw1gUjKdEolqFrnjiFjzIqDQEaxbqJN1a
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAxaMtaaLwmQ2evioBEtlDY&google_cver=1&google_push=AXcoOmQSlZaTctaIbQo5fLvXwI5aq8aboIgCf-eWfSOLkwB0Z8TJFUD_9atXXAvRkJaXUGI5JBCaaWaUZF9_2wNgYhtgCpqROdgc
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKHAEF_6zErYoUvRBuvKkKI&google_cver=1&google_push=AXcoOmQbZwnixQ127Wtr0DwdI0wTkPW1-rccAb4o4SMoe5BA2tFj2TB2zc-CZdGLmLDIBeCArlL0NYc3bQ7N9AxAxHfrBdzDMjHg
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://um.simpli.fi/gp_match?google_gid=CAESECzE0yXS007I0drRfkX3zes&google_cver=1&google_push=AXcoOmR7hc0_kzGYG98bHlAxMZFvaiuVvIuesQz1KdwslEeY0oYmtkiZbMAgvgGZkyDA6hcPuozYXPvjcKvfkYs26hGSxcQApuim
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQfACCkbw5zPIPJCoisR9czGQqB8oPE4eGt7vlI2kpyC0LOmCkKKV_d55_q4xnLfOah3eGC8a6p1lXFY08O6wjLMkJTHo3d%26google_hm%3D%5BUID%5D&google_gid=CAESEGjxAuhVkKP5TEgmm9bhoNI&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://rtb.adentifi.com/CookieIndex
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://js-sec.indexww.com/ht/htw-pixel.gif?ZQ10RwH-77UT8s5xuzaBIAAA%262179
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551855&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551857&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&cust_params=mt_fln%3D1.8&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551860&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551863&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&cust_params=mt_fln%3D1.3&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551865&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3084308373758882&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=452C97AE-ED6F-4F31-9113-15AC7075AB43&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44797156&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380551868&cookie=ID%3Da450d890bb0bd2ee%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MbHj_xhl-mG0upiNlPBauZqe2MKqQ&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=712218596358644&ged=ve4_td4_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24168
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://an.yandex.ru/mapuid/google/CAESEOsygJLwEiwuVrsrdGsvLtE?ext-param=AXcoOmT4PYv0HDIrkVsomO3nRzfcn1Aj5GRty6Uh9KllpPp0yMmGSCU7su5ssJi0IirHKh-7MzBhrl48PEI6MfTggQUOOaV1_tcEVj8&partner-tag=yandex_ag&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgSsxRnQNZc-HN4LzzQaV-ajYAezb0IBz2cyxzcYR29keEAEguoTAM2D17ceB1ASgAajh7KIDyAEJqQLMmOXzoIWyPuACAKgDAcgDSKoE8wJP0NbMM1cfnkHVrSLJXqLca8kBqKUtSyJ6b5oMqBBRM5tNXg37qYEc3vSC3Gk-50uF-X5_gG8cY_OKk7xJsmpm51DgDWIx_PMy55Ss2QWszQVfkU4iD8QfFRQa2eyTw9WF_Mvukawa_BvMb6PEPftbwwhzSZ2j2yzKqoEHWx1AIx3W1M4Ae-7R9LaZO3SPDgYg6l8v_M1O5FIGZM3q9fTUwx6Yx1tQyvEU2M04-WhvFCbVTnOvLQYhxwTkMW2FR5tCPafcpFaN-5-P7EpGRthkKN2al5JKZu1VyB3c7a9Nf14KBGCUgqqApXeIIHfNUXnWwyXuDVsjjpaBvv6pCa1W_b9kCynWR426EH8_ViimKaTRS1bU1TymGYeT35X_bLxMqWUo2yY7m3PqZxA5hZWTzEyI0vNIXcgDFAVrZb34tgjxPxaNPczM0kjte3NHW6yKRPt-gO-4Ueb5z7UygRdwUouXwRSZ2MWqAzNBsvsXWlpqDcAE07HZ9asE4AQBiAXcrsPSSpIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfAnpNdqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQqZcI0ggUCIBhEAEYHTICigI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCaCS1odHRwczovL3d3dy5pbG1hYy5jaC9lbi9iYXNlbC92aXNpdC9jYW1wYWlnbi-ACgPICwHaDBAKChDw762PwOG0oE8SAgED2BMK0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=FH8VAUN4qsY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPABpAlJWYj3Fbf1HFGQp0Y4ADc3lPoDU4q7nOUS25XXXP9kMimTjNvAoxxHBnBIbDyL68q34c70Gf8XfYhgB&template_id=419&cbvp=2&vis=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 491)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/480_650.mp4
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6qtEYbWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQSHQNZTHRV6SIN3EdTzsAABIAAAoKQVFVQkR3RUJEdw&wp=ZQ10RwAM6cUEf4yTAAdNSVNVYvFsGEOtFkzBeg&cbvp=2
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2492442299006157&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=70A35B83-F393-440B-81FE-AB79C4A1FD59&nel=0&eid=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380554324&cookie=ID%3Da450d890bb0bd2ee-2202212f85de003d%3AT%3D1695380549%3ART%3D1695380552%3AS%3DALNI_MaTrFqC-Pz_5XWb2yT5NvdeT0MROg&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=3175931746916122&ged=ve4_td6_tt2_pd6_la6000_er698.400.699.800_vi0.0.1200.1600_vp100_eb24171
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2492442299006157&sdkv=h.3.591.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.591.2&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FmnDrLD0v3MvIRtUiMaS6BA%3A1695384149%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=70A35B83-F393-440B-81FE-AB79C4A1FD59&nel=0&eid=31061774%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fwei-li-cai-chong-9-2yi-6mian-xiang-tian-sheng-dai-cai-zhong-jiang-ji-lu-zui-gao.html&dt=1695380554324&cookie=ID%3Da450d890bb0bd2ee-2202212f85de003d%3AT%3D1695380549%3ART%3D1695380552%3AS%3DALNI_MaTrFqC-Pz_5XWb2yT5NvdeT0MROg&gpic=UID%3D00000cad11307ac9%3AT%3D1695380549%3ART%3D1695380549%3AS%3DALNI_MauUPWbGloIqYdVD0cHo1OSvd_pXw&scor=3175931746916122&ged=ve4_td6_tt2_pd6_la6000_er698.400.699.800_vi0.0.1200.1600_vp100_eb24171
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://min.tryiqos.ch/trck/epv/449f5b35d42da36163b184dc2e527481?tp=onetag&t=img&subid=oneidm3PFefxk4rSr8x6FmHZHZtztWW3bHDTwTe8HAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cdn.vidverto.io/secured2/mnDrLD0v3MvIRtUiMaS6BA:1695384149/1327/video/1813/480_650.mp4
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://www.awin1.com/cshow.php?s=2578904&v=18851&q=382783&r=412871&pv=1&pref3=oneidxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMYuLHjaTAB&v=APEucNVj9_5pT3MkDbhguyrgQt_uFsRlPNrb3hWikNYrWbtvCnHuEksURZwL2RLdPnPLbe4XZb-wjK52_K3euWF4vqUhiFnIgg
Message:
Failed to load resource: net::ERR_QUIC_PROTOCOL_ERROR.QUIC_NETWORK_IDLE_TIMEOUT
network error URL: https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEFiwK2s7aioLWVyrM_IO734&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBPjMgUHcE1nqrcDkDXlLMc&google_cver=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9j-CXiPUgVqAzgUWzCOPkLHxVI2l-FqGNDLTtbrLXrhVcLnA1ynRhOuZmgk15w70z9WgLqVt4V1s38OMnpMkjdoyO2DBCM3Ncv2WY_T7g3___6a-3ufaQBR1OZ9HCBJiEs2QIQo6_8l4dKf0nl3bMfSWwQmFVzxTM73OduW0TV4WgcvCMoJBq_Dlz5qGIxGAZoNkBY736ZZgct0SKPscUSy6pkj2MMMzRJ7DClXhmMJH0clZbahggltAkMHjbL99-VOcb22EgMxq9x-gr2c00BXoYvUxdvS8BPWF0_XZh4zkripWn5uE6KaYS-uAlWDQAd-bu&sai=AMfl-YSmHIRf1NWm5J0NNXMQaxITD47_VPOT-hiC7-ytZrfVaF6W-8RcagIIo5hs9Jismx-1S3JKZlDAkanO2y97GSnSIyS1uYjj7S7Ly5DrHp5ukHmYQ8EbWwjx0CWzMG2C812nsBUwBkpeVEsc8ATC&sig=Cg0ArKJSzJYXx3wms-gdEAE&uach_m=[UACH]&urlfix=1&adurl=
Message:
Failed to load resource: net::ERR_QUIC_PROTOCOL_ERROR.QUIC_NETWORK_IDLE_TIMEOUT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23e9f4207b4946823efcb3c34bdb97af.safeframe.googlesyndication.com
58a00f8f0c05ef60e3a97be97db1b7a5.safeframe.googlesyndication.com
a.teads.tv
a1112.casalemedia.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mox.tv
ad.sxp.smartclip.net
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.eu.criteo.com
ads.servenobid.com
ads.smartstream.tv
ads.stickyadstv.com
ads.yieldmo.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
an.yandex.ru
ap.lijit.com
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
cds.taboola.com
cm.adform.net
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cs.admanmedia.com
cs.chocolateplatform.com
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d2q8xv8xf7whrd.cloudfront.net
delivery.adrecover.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.clean.gg
ib.adnxs.com
id.rlcdn.com
il-trc-events.taboola.com
im.bluevoox.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
match.adsrvr.org
match.sharethrough.com
min.tryiqos.ch
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.fr3.eu.criteo.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.go.sonobi.com
sync.mathtag.com
sync.richaudience.com
sync.taboola.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us.ck-ie.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.awin1.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
acdn.adnxs.com
ad.sxp.smartclip.net
ad.vidverto.io
adpushup-d.openx.net
ads.betweendigital.com
ads.eu.criteo.com
ads.smartstream.tv
ads.yieldmo.com
an.yandex.ru
ap.lijit.com
b1sync.zemanta.com
c1.adform.net
cdn.doubleverify.com
cdn.vidverto.io
cds.taboola.com
cm.adform.net
contextual.media.net
cs.admanmedia.com
cs.chocolateplatform.com
csi.gstatic.com
csync.loopme.me
dsp.adfarm1.adition.com
eb2.3lift.com
googleads.g.doubleclick.net
gum.criteo.com
im.bluevoox.com
image6.pubmatic.com
js-sec.indexww.com
match.sharethrough.com
min.tryiqos.ch
pubads.g.doubleclick.net
public.servenobid.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.fr3.eu.criteo.com
securepubads.g.doubleclick.net
static.bg3.co
static.criteo.net
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.richaudience.com
trace.mediago.io
um.simpli.fi
us.ck-ie.com
www.awin1.com
www.google.com
103.231.174.251
104.16.85.20
104.18.26.193
104.20.219.77
104.22.69.131
104.26.5.103
13.107.42.14
13.32.23.200
137.74.6.209
141.226.228.48
142.250.184.193
142.250.184.202
142.250.184.227
142.250.185.130
142.250.185.161
142.250.186.130
142.250.186.136
142.250.186.161
142.250.186.35
142.250.186.66
142.250.186.70
142.250.186.74
142.250.186.98
145.40.97.66
15.197.193.217
151.101.193.44
151.101.65.44
151.101.66.137
152.199.21.70
154.59.122.79
162.210.196.208
172.217.18.2
172.217.18.98
172.67.74.129
175.110.113.213
178.250.1.11
178.250.7.10
178.250.7.11
18.184.148.2
18.66.97.31
184.30.21.51
184.30.22.30
185.106.33.48
185.170.60.43
185.180.223.221
185.255.84.151
185.29.132.241
185.64.191.210
185.84.60.21
185.86.139.101
190.2.150.144
192.96.203.13
193.108.153.21
198.47.127.18
212.8.250.228
213.19.162.41
216.239.32.36
216.52.2.39
23.56.202.187
23.97.225.52
3.233.146.48
3.66.153.128
3.66.233.77
3.71.149.231
34.107.148.139
34.252.246.120
34.95.69.49
35.186.253.211
35.204.158.49
35.244.174.68
37.252.171.149
46.228.164.11
51.89.9.253
52.214.251.135
52.28.250.143
52.46.130.91
52.95.126.138
69.173.144.137
69.173.144.139
69.173.144.165
81.17.55.113
91.228.74.200
014d98184c6d1852e7b771a5c28fe6cf6da165532a6c559785e58d03f5c200e3
01706ab04c44c3dd1786171206106215c5941ae74c43ab28c3843ad935f06839
01bb7f1459cb1ca872a96ae3f39703a771b599a2690d60ae83b4f361c5c56349
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05417da29cf6f9b28185aea55a81c2ce947c33a45c082a3a126173b5a5a210c5
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f62ca6a2ea203224411557d635e4d43fa71ad6f5636bf8dedd82c78b8075f2a
0fa22d2043fb135cc6a5d67dfdf67b67acdd0629c5540472297a426c231c2f56
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
12f671dc70e03fd34ff707eee40017714886632aeae47cd8e581517e79caaf9b
15f0ee70ff5fea7e04f655ab759e3a149103dd3d8ad0b896f19839e059af7fd7
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6
1b0436786cd669ccc7b4d71a084fc4c55af441fa98029b740579107ce2c9c6fd
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1cc28d0a176f35b35fa18e9aa2e30a1f7e748abf0860edc1b12c7bcf7ab6f6ba
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720
223b0d1f5fe9805e59af9f9b4eca70ba74d52431790f365d72f6c4c761d1c961
2351470f809103f89a0aacf2fc9b308ec31029c1d4095b5392fd5f166a11776b
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
293da54225a00e5a63e56cec9f282aebf16cfc55fb7caf43e7351ee9f4884299
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2a697f509eadb62f8477552564e5e8249b4b4b0550bdde73024c9dde02c285c3
2bd5d4d1ae6670a20fb6dfcd97f3bae6ab6669b3453081fbabe384202d7c6609
2d9ed895abda948947bcd6f9daabe355957327517f8742114ca30772a42ccc3f
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
30bdf82816190e65c8c6c0fd833cc4f21dd641eb6311a467d2ba48c84882d400
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34ec03e16ba423f27b2db224a2d1ae09f27c349fb245c1407ac87808ccbe5679
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37f70cfdf7a45be04857c8599a23fe4cd3999480a39c28e774b39d7ebf9dcbcd
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39cc4eba57da890791758a2531fff4fd01b2908375cce742b84be17a53406601
3a33e1d86e1825e97e5ae914b6b103d29e6ad5e7b816d0366fe105f20b17917f
3aae006893b2b4e15dc8d1a4deab2f6defa6430dd2981008ce790ad18a53df05
3becf036b93d6e639c31e56a2d9f04c48accd177987f2a36b11d3158b719d678
3d4b63edc4bbac0ba5e3b9361d54dda00ccd5900975cf6f216beb438f59985c4
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fa551304be181c83a94bf8e17758598db3168a18c206e39f82b8658d10288ea
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
428930022991b869ad0359d6c93e26c0a3752ef566c65f72c4e4beb3ad404378
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441573cb088293510a1bd183ddafdd435694c32b2550ea2c88933147c08598eb
44f86ae6bd6afa062bdf4ae13b17860b21a5e1aecb1ecfa904169e4e00289b1a
467efe85f19395240c89559ed17661f02b1b662a54af39992bb8d58158b39a04
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a3f733fef7fef6fa38e1fbdebc344c91949dae96eeed5cc5d10c4e024b5339f
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b3875cd21da5664b4683ab06d45bb2343fb9d29c44d43d1e6a9173ed4be538c
4ddbeab2687daccf77f6ca6803f852b1fe9f906a65289af736e49ae9e2a39f85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b2a016aede5e030b851da8107c200231aa5a6cc0fd3424cd8491ade7d4f9c5
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
50fb084e53a8aeffaefffbe1612b995ff22ec168455280aae50f40187263fbeb
520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1
5297acd1bdcaee4b9e3ef707070bc668c22d42da34e611f0e681f085248cc1d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57d3d92276c9c203085246478f507bec97cc4df3a57a90b28b824a84c568d6fc
58320cd0462ef6a288f348e3a13fdafc025acd36add3253dc18140b996a88aef
5c413de57e629fbba188d440b4d7e5f2e4458ce3be46973223d8b44caf071f52
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
612390dc0a3660eaa5c88b0b07b7a18edf9835864e940a7d644032e78033cc9f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620ffdaa666bbf15e58038ef061ba78acbf5729c714fa3e991c025089009c23c
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
665b52f6ed389534d31511c985e3dd86b9d2a196a6ce8d54395d6dabf7b73fa8
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
711bcd85a0aa2b5fe66c4646a822a776ed0f2f2aab66b580b6097ae23f0fa4b9
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
74cff7bc2632d11ec87acda8874c2fd0372cfb64fa857dd1e30a7c4c2801e178
785c563d051c6b061a0304c95e5b18594de61c5a995b63a40c2dcee46c3946a2
785ff0ce280100be75683550190bdcb6151cee53b20267c91afef88f78550977
79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7a66869cc101c430a9b9f14afaab705ddac514dcdf31b09c55b18566d4779738
7b5a1a6db7d4be4fe67f72bf82124979d1d83694efa94e453d66e794e2d5aa91
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7d71a11c9b10f304011d8573c241a1187ec6fbd442858ab139cc03b9a3dc99fc
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
80b9b7bcb98fcb97f7c595b97e92a34db3cc45f07ba183e0711c7c06b8082d83
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8704e4647391c5af022c0c31fa07d613382e186e30d079e379929293616eabbd
8749398f45e7ecf72f0d4fa724c1e8bfbf0395786d946874bf9035af62ea0d5f
879efe3f22db43726a25633d96a23721b40c2a9b567db2a330ab6f6076f7e114
8c576fdfe5a6c400ea517402141cf357eb3c0b9ec3bec05a0a2ac8e0d1993ca1
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55
911fe2487da11a48e070cf725b8967a63aab680542e378fe5af2b0b6e03f7924
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92d97991ec6e9a526f12410ab0994c15fbfc2a6aece69330c8cdcb59563d6250
931619fc351c9d90c34c64c4481b1108f883cb0c7eb71637ab4918987be49ce1
94d24d38cbc44ff8e2821d5172b11409ce6c6c0485fd3a3c2ea56c679a6aaa61
97819864a35fc3f3765cace495b83b7383da3b87eb3074661cfe7abc49397e67
989b69cc4a7a74df2bb81583b9bba4187bba1408e28e77adf771d7a9102bc9e2
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99a97fa27c0f057db31d471edf90dcd13b6f5d3b1c91956300586e4d117ad3b1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a1e8ce003a96c02bf65b5ab4775b2ac0dd3cba0c5522fa9977f93ff952ea072b
a3b81ea77193cef7e60595347b4c11fd4528cec7133075aba100d37f5ce9c5cf
a43670cdec4965a99a53a7c46b110280b6c849ace27e5eba55080624b9b6bf4d
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4827162d7155d077f7c60d61f57641634578a1a557c2993409e798f02a0b895
a65a094de0d9f39f02860f75ad4973fa2c5a14dfd36e75ddf754b475bbc89194
a6f58e53ac6db14f1a025b5c5cb8b0d854642f298d67febd59f980f0836b55dc
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a8a347e67412b43a5f7b1f5dd68e82101655949c78da94255ae1708e5ff38819
a8c034ae42fc780fb6572aecd32f8e7973a9acb92b5ab67cd6d9419929a2bd31
aba7f85085a22a706c96c76b9e16b79599140558896f55b104d644fcd5782ecf
abca634537b90380561b7ce0dde0bde575ccdf766d22070121d30290419bd16c
adb116c7fddef9ad1e4b6818f323d56779020cfa3a1e7cd40c8a087700c83e07
b02dcc8bd959fe51fe0a1fc45f404f8625615f6c0af6e773d74a69bc5efe59b2
b06d2520237ab14e555455ec9da0066deed1e43cc53ba14492e1682244d46baa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41bdc3a31a7fd0399ae4aad24ff98ebff0fb4610e7e01350b45d2133c5cc974
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b4cb144b5dc8b9428834dc5060fbd1e8eb122af716c730c3d0751a7bf191e079
b6448943ab12ad9253b463462809d2cc64ba87b86170c6fc1579a71ef9fda35b
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
ba37c2757fd3663d832c6076d5e517c7616f576c2d21cc38c971d7db2cb26fe0
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
ba8573490669fc6157ab33e033b388201ca4978bf61baeb25ffd0581744dd991
bad67210ab571506d1f0826235b9097d7a7e9c7ff709b495f1dd378429d05ca4
bc7692cec5b5fb398b7cb99760f39071969c674103018e07221fbb0046227ce0
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f
c0fc6b0311c6ce151569fee1d73bcfeacb5b743650d6d0349aeb35150480a000
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c2873486ad00a81263c8fe631215484e7b53bebad120c697f3dc26172c350f50
c2f9311522f3953763a4e8f71eaedc1e2c599ca4db6f3342f12ce5766ad60d0a
c3a75ddaffebb6b66b0c8c333dd68271fe3edf86266d60f50f9d085b29c69005
c4bd6ae5814a2859215a7b102a29a740c2220dd2f8eb8d505f447a92d5a460e0
c5e1a1e8982becdc83263b687951cfc5c5976af5b5d67eab53451cb72ac78925
c758b22131087205c0dc72ce512890adca6064d7efd97b3e77f0575fdc66d08c
cca08fd9e75288985ae5019b20719865bba5592cd8c8964d42e1571127290e53
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
d019d75980bf17b58b05156bb6283d43c59467b8aa690d2dd867bca4c8ce83a4
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c95e145b8f28a0e8a62eb2017b95248f618344fd490af692098d82ff2d8757
d17267664169a565f232a5aa7bccef578776adca421ed7bf0b29d0f14015c061
d3e8bf5c0bc916787ad339d2879fb8459b55c8d8dfff94f02c08b693aaa850c9
d4ffa36c3282ba25a2b7c2058b40b7d87ba192fe76a70cede2b1f3435b37ef1e
d683af749f9977c8b2673ca62493fc76925c218d7d79d40be34fbc172da6df71
d8ebe6e1096dc0cdbc5f6d48e4eabcef8564714f3223a97550b17b2b1a641a20
ddbdff26c16cb729470c05782af608414a88c72cd22675bed032cb4906d09d7d
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfacfbc1cb0eb3ba78bfc6d64cea38c2184bdf6010b1ae119439f9f018e2e501
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5418455c8aeb00641fe667756925987132c1054275a3d2065399105691fb277
e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ecedae9d9bd8da80442389273ce409f31a27829736bbc659b5aa9d5fd1089495
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5981d8cb3c6aa24b24b6f12f6dcda2e21510c54a56dbdf890f71109fe555fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f262cc9f99ed794fac95b053ebc516d772c99b2c26f5090d43fdb0f5e24664b2
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f87fe7b3c29bf69c660a53a622c8ade0ccca9c718ea2293a1d9ee01480325901
f9069e765fbe398f997add12a68cb2a29757379a4419198ef6fc3f627a06011f
f930261186b863a5859f84e987dc648646ae7037e391b9c76e33ba9b79b6bf9e
fa47cc46702c97e270b16594a5fc0bc23bb79352ce0a97796ce15a108961381c
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd67efe8aac70390a024a95f8fe3355d692a22c846e65d55e82a8aa4014843f0
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
fefa786b9c910f7639e5fd029f0989f51be56106e9ead9242d505a811a003f8f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0