urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Submission: On September 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 136 IPs in 16 countries across 120 domains to perform 684 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 754565.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
1 3 162.210.196.208 30633 (LEASEWEB-...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 152.199.21.70 15133 (EDGECAST)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
33 151.101.65.44 54113 (FASTLY)
84 2a00:1450:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (STACKPATH...)
2 7 2a02:2638:3::c 44788 (ASN-CRITE...)
8 23.97.225.52 8075 (MICROSOFT...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
47 2a00:1450:400... 15169 (GOOGLE)
3 151.101.129.44 54113 (FASTLY)
20 141.226.228.48 200478 (TABOOLA-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 5 2620:116:800d... 16509 (AMAZON-02)
13 34.250.19.175 16509 (AMAZON-02)
1 18.194.200.250 16509 (AMAZON-02)
2 10 104.18.39.155 13335 (CLOUDFLAR...)
1 185.255.84.151 200271 (IGUANE-)
6 35.227.252.103 15169 (GOOGLE)
1 52.57.206.170 16509 (AMAZON-02)
7 11 185.89.210.244 29990 (ASN-APPNEX)
1 95.101.149.35 16625 (AKAMAI-AS)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 6 51.89.9.254 16276 (OVH)
1 3 147.75.84.158 54825 (PACKET)
8 172.67.10.198 13335 (CLOUDFLAR...)
3 192.96.203.13 30633 (LEASEWEB-...)
11 175.110.113.213 49981 (WORLDSTREAM)
7 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 141.95.98.65 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 178.250.1.11 44788 (ASN-CRITE...)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 54.38.197.123 16276 (OVH)
4 8 35.157.107.99 16509 (AMAZON-02)
1 185.132.133.134 49981 (WORLDSTREAM)
2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 47 172.217.16.194 15169 (GOOGLE)
8 172.64.148.101 13335 (CLOUDFLAR...)
4 35.244.159.8 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 4 104.64.126.246 16625 (AKAMAI-AS)
10 95.101.149.233 16625 (AKAMAI-AS)
12 3.33.220.150 16509 (AMAZON-02)
2 7 2a05:d018:d29... 16509 (AMAZON-02)
9 3.71.149.231 16509 (AMAZON-02)
2 4 52.30.24.178 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
5 9 69.173.144.165 26667 (RUBICONPR...)
6 2600:9000:223... 16509 (AMAZON-02)
9 2600:1f13:800... 16509 (AMAZON-02)
2 4 52.94.223.37 16509 (AMAZON-02)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 52.46.130.91 16509 (AMAZON-02)
3 2600:1f18:24e... 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 6 104.75.89.75 16625 (AKAMAI-AS)
1 2600:9000:225... 16509 (AMAZON-02)
2 185.170.60.45 27381 (CASALE-MEDIA)
3 12 37.157.6.237 198622 (ADFORM)
7 142.250.185.98 15169 (GOOGLE)
1 3 34.98.64.218 396982 (GOOGLE-CL...)
2 34.95.69.49 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 69.166.1.66 27630 (AS-XFERNET)
1 1 2600:9000:211... 16509 (AMAZON-02)
1 13.230.13.81 16509 (AMAZON-02)
20 37.157.6.235 198622 (ADFORM)
2 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 52.28.44.182 16509 (AMAZON-02)
3 5 216.52.2.30 30282 (AS-INAPCD...)
7 7 46.228.174.117 56396 (AMOBEE)
3 4 76.223.111.18 16509 (AMAZON-02)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
1 1 3.121.164.104 16509 (AMAZON-02)
1 2 35.186.193.173 15169 (GOOGLE)
2 4 172.217.16.198 15169 (GOOGLE)
3 4 2001:678:cb4:... 56396 (AMOBEE)
2 2 178.250.1.9 44788 (ASN-CRITE...)
4 7 185.64.190.78 62713 (AS-PUBMATIC)
3 3 193.0.160.130 54312 (ROCKETFUEL)
4 4 50.31.142.95 23352 (SERVERCEN...)
2 138.201.135.164 24940 (HETZNER-AS)
1 5 138.201.84.245 24940 (HETZNER-AS)
1 4 144.76.91.199 24940 (HETZNER-AS)
1 85.114.131.234 24961 (MYLOC-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
1 1 35.190.0.66 15169 (GOOGLE)
1 151.101.129.108 54113 (FASTLY)
1 13.32.99.50 16509 (AMAZON-02)
2 172.64.149.180 13335 (CLOUDFLAR...)
1 95.101.148.20 16625 (AKAMAI-AS)
1 34.242.185.58 16509 (AMAZON-02)
1 5 185.86.139.103 201081 (SMARTADSE...)
3 23.35.236.201 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 18.208.74.11 14618 (AMAZON-AES)
1 1 216.52.2.16 32475 (SINGLEHOP...)
1 1 34.225.251.53 14618 (AMAZON-AES)
2 3.77.133.205 16509 (AMAZON-02)
1 1 2.18.160.23 16625 (AKAMAI-AS)
1 8.2.110.24 46636 (NATCOWEB)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
7 7 34.253.165.174 16509 (AMAZON-02)
1 2 23.50.131.87 20940 (AKAMAI-ASN1)
4 5 151.101.66.49 54113 (FASTLY)
3 3 35.214.165.154 15169 (GOOGLE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 8.43.72.98 26667 (RUBICONPR...)
9 198.47.127.205 3257 (GTT-BACKB...)
9 185.64.190.80 62713 (AS-PUBMATIC)
2 3 63.35.30.113 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 34.236.109.207 14618 (AMAZON-AES)
1 13 52.210.15.1 16509 (AMAZON-02)
2 3 70.42.32.63 13789 (INTERNAP-...)
2 2 52.71.98.102 14618 (AMAZON-AES)
1 1 52.0.53.240 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
1 1 72.246.169.24 16625 (AKAMAI-AS)
1 54.229.130.135 16509 (AMAZON-02)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 1 124.146.215.51 2514 (INFOSPHER...)
1 80.77.87.161 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 185.255.84.152 200271 (IGUANE-)
1 2 162.55.236.224 24940 (HETZNER-AS)
2 2 188.42.34.64 7979 (SERVERS-COM)
2 8.2.108.175 46636 (NATCOWEB)
1 1 37.157.6.254 198622 (ADFORM)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 173.231.181.122 32475 (SINGLEHOP...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
2 2 141.94.171.214 16276 (OVH)
2 2 31.172.81.159 44066 (DE-FIRSTC...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 213.155.156.169 1299 (TWELVE99 ...)
1 1 34.102.163.6 ()
1 1 141.94.242.206 16276 (OVH)
2 2 141.94.171.213 16276 (OVH)
1 195.5.165.20 ()
1 1 35.186.154.107 ()
1 1 188.166.17.21 14061 (DIGITALOC...)
1 98.98.134.243 21859 (ZEN-ECN)
3 2606:4700::68... ()
684 136
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
11    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
15    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
3    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
4    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
5    2a02:26f0:3500:12::1730:1786 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.adpushup.com
33    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
84    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
7    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    2600:9000:2250:1200:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
47    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
tpc.googlesyndication.com
b40a28542c4939b02b78e4ac2810c1d5.safeframe.googlesyndication.com
ab455e95bb02dacce0be4879e4650ae1.safeframe.googlesyndication.com
3    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
20    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
1    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d-14513259571470306939.ampproject.net
5    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
13    34.250.19.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    18.194.200.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
10    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
6    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    52.57.206.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-206-170.eu-central-1.compute.amazonaws.com
tlx.3lift.com
11    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
6    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
3    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
8    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
3    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
11    175.110.113.213 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-213.hosted-by-worldstream.net
ad.vidverto.io
7    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
3    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:223c:3200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2606:4700:e6::ac40:c426 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
15    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
8    35.157.107.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-107-99.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    185.132.133.134 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-134.hosted-by-worldstream.net
ad.vidver.to
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
47    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
8    172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
adpushup-d.openx.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
12    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
7    2a05:d018:d29:3605:260b:940e:5542:581f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
9    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    52.30.24.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-24-178.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
19    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
9    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
6    2600:9000:223f:ee00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
9    2600:1f13:800:7781:770b:e7be:3f6f:3579 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
4    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    2600:1f18:24e6:b902:b25:850e:c423:61a4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
10    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:9000:2250:1400:19:ba84:7f40:21 (United States)

ASN16509 (AMAZON-02, US)
d2849lw36e7cot.cloudfront.net
2    185.170.60.45 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a1114.casalemedia.com
12    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
c1.adform.net
dmp.adform.net
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    2600:9000:211e:c800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    13.230.13.81 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-13-81.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
20    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
4    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
3    52.28.44.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-44-182.eu-central-1.compute.amazonaws.com
pm.w55c.net
5    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
4    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    3.121.164.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-164-104.eu-central-1.compute.amazonaws.com
d.agkn.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
ipac.ctnsnet.com
4    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net
ad.doubleclick.net
8019191.fls.doubleclick.net
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
7    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
p.rfihub.com
4    50.31.142.95 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    138.201.135.164 (St. Ingbert, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal9000.redintelligence.net
5    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal900025.redintelligence.net
4    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal900018.redintelligence.net
1    85.114.131.234 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21038.dus4.fastwebserver.de
cdn.contentspread.net
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    13.32.99.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-50.fra60.r.cloudfront.net
public.servenobid.com
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    34.242.185.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
g2.gumgum.com
5    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:223f:f800:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    18.208.74.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-74-11.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    34.225.251.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-251-53.compute-1.amazonaws.com
ssp.disqus.com
2    3.77.133.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
7    34.253.165.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-165-174.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    23.50.131.87 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-87.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    35.214.165.154 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 154.165.214.35.bc.googleusercontent.com
csync.loopme.me
1    2a05:d018:cc3:fe05:c52:5f4:1529:4d3a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
9    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
9    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    63.35.30.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    34.236.109.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-109-207.compute-1.amazonaws.com
a.audrte.com
13    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
3    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    52.71.98.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-98-102.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    52.0.53.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-53-240.compute-1.amazonaws.com
sync.ipredictive.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    54.229.130.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-130-135.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    124.146.215.51 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
2    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    173.231.181.122 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
2    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    213.155.156.169 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    34.102.163.6 (None, )

ASN- ()
ad.mrtnsvr.com
1    141.94.242.206 (France)

ASN16276 (OVH, FR)
PTR: bixel-11.cloudy.ovh
green.erne.co
2    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel-eu.onaudience.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    35.186.154.107 (None, )

ASN- ()
cm-supply-web.gammaplatform.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
3    2606:4700::6811:180e (None, )

ASN- ()
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
131 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
b40a28542c4939b02b78e4ac2810c1d5.safeframe.googlesyndication.com
ab455e95bb02dacce0be4879e4650ae1.safeframe.googlesyndication.com
1 MB
89 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net — Cisco Umbrella Rank: 259
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 393
ad.doubleclick.net — Cisco Umbrella Rank: 183
8019191.fls.doubleclick.net — Cisco Umbrella Rank: 275196
773 KB
56 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1076
trc.taboola.com — Cisco Umbrella Rank: 674
vidstat.taboola.com — Cisco Umbrella Rank: 2913
am-trc-events.taboola.com — Cisco Umbrella Rank: 13572
images.taboola.com — Cisco Umbrella Rank: 1811
imprammp.taboola.com — Cisco Umbrella Rank: 13424
am-match.taboola.com — Cisco Umbrella Rank: 13561
wf.taboola.com — Cisco Umbrella Rank: 3138
am-vid-events.taboola.com — Cisco Umbrella Rank: 12698
vidstatb.taboola.com — Cisco Umbrella Rank: 5470
am-wf.taboola.com — Cisco Umbrella Rank: 14755
1 MB
33 adform.net
track.adform.net — Cisco Umbrella Rank: 4252
s1.adform.net — Cisco Umbrella Rank: 9545
c1.adform.net — Cisco Umbrella Rank: 660
dmp.adform.net — Cisco Umbrella Rank: 3578
cm.adform.net — Cisco Umbrella Rank: 1256
152 KB
30 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 981
fastlane.rubiconproject.com — Cisco Umbrella Rank: 557
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1188
eus.rubiconproject.com — Cisco Umbrella Rank: 656
pixel.rubiconproject.com — Cisco Umbrella Rank: 385
token.rubiconproject.com — Cisco Umbrella Rank: 662
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1232
66 KB
29 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 869
ads.pubmatic.com — Cisco Umbrella Rank: 572
simage2.pubmatic.com — Cisco Umbrella Rank: 896
image2.pubmatic.com — Cisco Umbrella Rank: 1056
simage4.pubmatic.com — Cisco Umbrella Rank: 1301
40 KB
20 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 645
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629
a1114.casalemedia.com — Cisco Umbrella Rank: 371211
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
dsum.casalemedia.com — Cisco Umbrella Rank: 1573
13 KB
19 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
636 KB
19 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1012
static.adsafeprotected.com — Cisco Umbrella Rank: 683
dt.adsafeprotected.com — Cisco Umbrella Rank: 607
218 KB
16 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490
ups.analytics.yahoo.com — Cisco Umbrella Rank: 352
4 KB
15 openx.net
rtb.openx.net — Cisco Umbrella Rank: 796
oajs.openx.net — Cisco Umbrella Rank: 1391
google-bidout-d.openx.net — Cisco Umbrella Rank: 1399
us-u.openx.net — Cisco Umbrella Rank: 518
adpushup-d.openx.net — Cisco Umbrella Rank: 25659
2 KB
14 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1688
usersync.gumgum.com — Cisco Umbrella Rank: 2138
5 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2661
public.servenobid.com — Cisco Umbrella Rank: 5257
9 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15734
e3.adpushup.com — Cisco Umbrella Rank: 18621
282 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
3 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 279
acdn.adnxs.com — Cisco Umbrella Rank: 643
secure.adnxs.com — Cisco Umbrella Rank: 500
25 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 455
bidder.criteo.com — Cisco Umbrella Rank: 866
mug.criteo.com — Cisco Umbrella Rank: 2500
dis.criteo.com — Cisco Umbrella Rank: 633
16 KB
11 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 33862
hal900025.redintelligence.net — Cisco Umbrella Rank: 234136
hal900018.redintelligence.net — Cisco Umbrella Rank: 180377
19 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 122
3 KB
11 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 31959
211 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 399
218 KB
9 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1197
x.bidswitch.net — Cisco Umbrella Rank: 369
2 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106
s.amazon-adsystem.com — Cisco Umbrella Rank: 335
6 KB
8 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6963
csync.smilewanted.com — Cisco Umbrella Rank: 3056
static.smilewanted.com — Cisco Umbrella Rank: 11944
16 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 632
3 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
396 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1581
sync.teads.tv — Cisco Umbrella Rank: 1452
1 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 747
ce.lijit.com — Cisco Umbrella Rank: 1071
3 KB
6 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1977
www.google-analytics.com — Cisco Umbrella Rank: 49
761 B
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 799
752 B
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 37628
sync.aralego.com — Cisco Umbrella Rank: 3214
4 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
1 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 906
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 730
2 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 624
4 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 666
eb2.3lift.com — Cisco Umbrella Rank: 440
2 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1322
pixel.quantserve.com — Cisco Umbrella Rank: 1108
cms.quantserve.com — Cisco Umbrella Rank: 933
11 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3243
pixel-eu.onaudience.com — Cisco Umbrella Rank: 15699
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2910
3 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 597
2 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 991
r.turn.com — Cisco Umbrella Rank: 4368
2 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3462
casale-match.dotomi.com — Cisco Umbrella Rank: 3518
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3625
567 B
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
imasdk.googleapis.com — Cisco Umbrella Rank: 521
126 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15983
42 KB
3 cloudflare.com
cdnjs.cloudflare.com
25 KB
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 886
1005 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 20565
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23515
898 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 957
846 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1063
748 B
3 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 3654
p.rfihub.com — Cisco Umbrella Rank: 982
3 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1052
3 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 962
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
3 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9350
757 B
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1027
370 B
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1453
contextual.media.net — Cisco Umbrella Rank: 712
hbx.media.net — Cisco Umbrella Rank: 1338
10 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 653
74 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5086
562 B
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3871
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1294
1 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3341
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1606
1 KB
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2211
412 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 596
701 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 617
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 773
2 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 605
1 KB
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3508
cs.admanmedia.com — Cisco Umbrella Rank: 1127
209 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 610
35 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 733
cdn.indexww.com — Cisco Umbrella Rank: 1763
2 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1767
1 KB
2 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 8158
ipac.ctnsnet.com — Cisco Umbrella Rank: 5824
983 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 935
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1332
1 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1120
723 B
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
31 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1430
104 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1180
814 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
90 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4269
visitor.omnitagjs.com — Cisco Umbrella Rank: 1072
735 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 351
3 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 828
id5-sync.com — Cisco Umbrella Rank: 432
27 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 820
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27806
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 16086
c.statcounter.com — Cisco Umbrella Rank: 10633
15 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 770
187 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2801
555 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com
639 B
1 iprom.net
core.iprom.net
281 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 24751
412 B
1 mrtnsvr.com
ad.mrtnsvr.com
308 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1528
552 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3456
439 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1513
283 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1207
695 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 743
199 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 628
769 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1148
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1099
465 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1446
181 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 10371
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1432
275 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2275
370 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1988
160 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5532
526 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 7482
553 B
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 79234
77 KB
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 771
792 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 7806
44 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 780
390 B
1 cloudfront.net
d2849lw36e7cot.cloudfront.net
44 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 405
865 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 55771
154 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10548
258 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 23946
3 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1255
634 B
1 ampproject.net
d-14513259571470306939.ampproject.net
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1537
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1891
3 KB
1 bg3.co
www.bg3.co — Cisco Umbrella Rank: 754565
static.bg3.co Failed
16 KB
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
684 120
Domain Requested by
84 pagead2.googlesyndication.com cdn.ampproject.org
www.bg3.co
ads.aralego.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
47 cm.g.doubleclick.net 17 redirects googleads.g.doubleclick.net
eus.rubiconproject.com
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
www.bg3.co
g2.gumgum.com
41 tpc.googlesyndication.com www.bg3.co
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
20 s1.adform.net d2849lw36e7cot.cloudfront.net
track.adform.net
s1.adform.net
www.bg3.co
19 s0.2mdn.net www.bg3.co
s0.2mdn.net
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
15 googleads.g.doubleclick.net www.bg3.co
pagead2.googlesyndication.com
cdn.ampproject.org
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
15 am-trc-events.taboola.com www.bg3.co
15 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
14 cdn.taboola.com www.bg3.co
cdn.taboola.com
13 usersync.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
13 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ads.pubmatic.com
g2.gumgum.com
ssbsync.smartadserver.com
12 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
eus.rubiconproject.com
googleads.g.doubleclick.net
cdn.adpushup.com
ssum-sec.casalemedia.com
ads.pubmatic.com
g2.gumgum.com
csync.smilewanted.com
www.bg3.co
11 ad.vidverto.io www.bg3.co
ad.vidverto.io
11 images.taboola.com www.bg3.co
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 www.google.com b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
10 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
10 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 image2.pubmatic.com ads.pubmatic.com
9 simage2.pubmatic.com ads.pubmatic.com
www.bg3.co
9 dt.adsafeprotected.com b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
9 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
9 ups.analytics.yahoo.com am-match.taboola.com
imprammp.taboola.com
googleads.g.doubleclick.net
public.servenobid.com
ssum-sec.casalemedia.com
ads.pubmatic.com
8 track.adform.net cdn.adpushup.com
d2849lw36e7cot.cloudfront.net
s1.adform.net
hal900025.redintelligence.net
8 x.bidswitch.net 4 redirects b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
g2.gumgum.com
www.bg3.co
8 ib.adnxs.com 4 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
8 e3.adpushup.com www.bg3.co
7 match.prod.bidr.io 7 redirects
7 image6.pubmatic.com 4 redirects ads.pubmatic.com
7 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.bg3.co
7 pr-bh.ybp.yahoo.com 2 redirects am-match.taboola.com
imprammp.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
7 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 gum.criteo.com 2 redirects cdn.taboola.com
static.criteo.net
cdn.adpushup.com
6 sync.teads.tv 1 redirects googleads.g.doubleclick.net
www.bg3.co
6 static.adsafeprotected.com b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
srcdoc
6 onetag-sys.com 1 redirects cdn.adpushup.com
ad.vidverto.io
public.servenobid.com
csync.smilewanted.com
6 rtb.openx.net cdn.adpushup.com
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
5 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
5 hal900025.redintelligence.net 1 redirects www.bg3.co
d2849lw36e7cot.cloudfront.net
hal900025.redintelligence.net
5 sync.1rx.io 5 redirects
5 ap.lijit.com 3 redirects public.servenobid.com
csync.smilewanted.com
5 us-u.openx.net 1 redirects googleads.g.doubleclick.net
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 hal900018.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900018.redintelligence.net
4 b1sync.zemanta.com 4 redirects
4 eb2.3lift.com 3 redirects cdn.adpushup.com
4 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ads.pubmatic.com
4 fw.adsafeprotected.com 2 redirects www.bg3.co
4 secure-assets.rubiconproject.com 4 redirects
4 region1.google-analytics.com cdn.ampproject.org
www.googletagmanager.com
4 b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 cdnjs.cloudflare.com s1.adform.net
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 sync.outbrain.com 2 redirects g2.gumgum.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 csync.loopme.me 3 redirects
3 cms.quantserve.com 3 redirects
3 secure.adnxs.com 3 redirects
3 ads.pubmatic.com public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
3 ssum-sec.casalemedia.com public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 ad.turn.com 3 redirects
3 pm.w55c.net 3 redirects
3 http-intake.logs.datadoghq.com cdn.adpushup.com
3 fonts.googleapis.com cdn.taboola.com
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
s0.2mdn.net
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 prebid.a-mo.net 1 redirects cdn.adpushup.com
3 htlb.casalemedia.com cdn.adpushup.com
3 static.criteo.net securepubads.g.doubleclick.net
cdn.adpushup.com
static.criteo.net
3 ads.aralego.com 1 redirects ads.aralego.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.bumlam.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects www.bg3.co
2 us.ck-ie.com csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 sync.richaudience.com 1 redirects csync.smilewanted.com
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 ads.stickyadstv.com 1 redirects ssum-sec.casalemedia.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 match.sharethrough.com public.servenobid.com
csync.smilewanted.com
2 p.rfihub.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 dsp.adfarm1.adition.com 2 redirects
2 8019191.fls.doubleclick.net 1 redirects www.bg3.co
2 hal9000.redintelligence.net d2849lw36e7cot.cloudfront.net
googleads.g.doubleclick.net
2 dis.criteo.com 2 redirects
2 ad.doubleclick.net 1 redirects www.bg3.co
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 sync.targeting.unrulymedia.com 2 redirects
2 sync.go.sonobi.com b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
public.servenobid.com
2 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
2 i.clean.gg d2849lw36e7cot.cloudfront.net
2 a1114.casalemedia.com cdn.adpushup.com
d2849lw36e7cot.cloudfront.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.bg3.co
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 mug.criteo.com www.bg3.co
2 oajs.openx.net 1 redirects www.bg3.co
2 prebid.smilewanted.com cdn.adpushup.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
cdn.adpushup.com
2 trc.taboola.com cdn.taboola.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 pixel-sync.sitescout.com www.bg3.co
1 match.adsby.bidtheatre.com 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 green.erne.co 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 pubmatic-match.dotomi.com www.bg3.co
1 mwzeom.zeotap.com www.bg3.co
1 cm.adgrx.com ads.pubmatic.com
1 am-wf.taboola.com vidstat.taboola.com
1 fonts.gstatic.com fonts.googleapis.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cm.adform.net 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 cs.admanmedia.com g2.gumgum.com
1 tg.socdm.com 1 redirects
1 ad.360yield.com g2.gumgum.com
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 static.smilewanted.com csync.smilewanted.com
1 sync.admanmedia.com public.servenobid.com
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 ce.lijit.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 contextual.media.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 ads.travelaudience.com 1 redirects
1 adservice.google.com 8019191.fls.doubleclick.net
1 cdn.contentspread.net hal900018.redintelligence.net
1 a.rfihub.com 1 redirects
1 r.turn.com b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
1 ius.ctnsnet.com 1 redirects
1 d.agkn.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 cc.adingo.jp b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 s.tribalfusion.com www.bg3.co
1 www.gstatic.com googleads.g.doubleclick.net
1 ab455e95bb02dacce0be4879e4650ae1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d2849lw36e7cot.cloudfront.net cdn.adpushup.com
1 b40a28542c4939b02b78e4ac2810c1d5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 px.ads.linkedin.com eus.rubiconproject.com
1 vidstatb.taboola.com www.bg3.co
1 imprammp.taboola.com vidstat.taboola.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 stats.g.doubleclick.net cdn.ampproject.org
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 imasdk.googleapis.com ad.vidverto.io
1 pixel.quantserve.com www.bg3.co
1 amp.analytics-debugger.com cdn.ampproject.org
1 rules.quantcount.com secure.quantserve.com
1 id5-sync.com cdn.id5-sync.com
1 prebid.media.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 d-14513259571470306939.ampproject.net cdn.ampproject.org
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 sync.tidaltv.com Failed ssbsync.smartadserver.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
0 static.bg3.co Failed www.bg3.co
684 206
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
cdn.adpushup.com
R3		 2023-08-23 -
2023-11-21		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
ad.vidverto.io
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-07-21 -
2023-10-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.adingo.jp
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-11		 9 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
contentspread.net
R3		 2023-08-24 -
2023-11-22		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 126 frames:

Primary Page: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Frame ID: 1AD30A9562F4133D92E43C1E3057BD1E
Requests: 183 HTTP requests in this frame

Frame: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1CD20DD10B015A49996C3AE372EF14BF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAELMAY9D0qZmbmFD8ik0QwXiob84rP-9j5cxaO1kIwDP3zWsAOZchWAkQ9WILvj_WmldqmZqRoq7-OOGE6U1KdAb-QZJsR8G9j8oG7TMUVfvgCqepqmcn0pRkyzHFVpuVL6a_rl_y1oPhdTV4OwiyYOSnouF-DObzVQkaTEdqvc-u5f8_M-0-x1NEK6HPWNszjrwNQ2PXPvoTThRrAVik6PMtn2xhw8T2k8QBeOkHzF7sgJZFL_hbovl4aCrbuRBQ8h3grBSJ68QnXbHaqq-t6PQsno2LnXU2nY_wx6Di5crahwybxjc2CSyJpAIanJWZZ6Cn&sai=AMfl-YSocIGYtdeKFfVw5h4mTVWdS0BlX62zX-UrOqE72LdBMRaYA-iSw0XIon-1zGyYxXn0fghK6nB2w6CE4x6sAv_h2SiMDT_TUd3I8OOa80B7J1DyKkp-gRKVabDB3CvHlvakHMMePFp2HWwBqOM&sig=Cg0ArKJSzCdg-LKRQFnWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 694430BA0923B5BB907DC252BB778D49
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Frame ID: 126F04609B9EAAA0DACC1BB190215A0D
Requests: 2 HTTP requests in this frame

Frame: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E24561B52E51833E202A534C3AD1C0F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtZEVPdlxAoHfI5kT0tUcraM_3-llkwb6e5YJNeHjhBjBq2RW1HNpwWr3qm50V43h94Gy44reYQpvjudyTJ2WZFwewQzPeO9DOzfoZwRfsXU5g2yBDB0MNvLrPSU9E8V_hb5_oBOBp6wLRcijS1IH5ATeEUh0nb3JWluAvw_SlBylqu5hy4rgO_MZfFTJhcSNTw5St7rVxxH_cJrlxS2CIJpdK4A
Frame ID: BA413926EC9EDE3E2E4F2F03A98901CD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 0406207BE81636C3F3254025494FFAF2
Requests: 21 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: E2381409F54337EE5617FCE9A5A61CFA
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 3B2B9F52D32E8961E4FF4E52642F8807
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&cmcv=&pix=undefined&cb=1694106697299&uv=3334&tms=1694106697299&abt=nonrv_vA!ufm_vD!ufrlt_vA!ul143917-543_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=8251b8cc-7c4d-47fd-9a1d-66cbf06abe72&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 2E7E81BEAF0E0ACFC01A8FBD0AFDE505
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 962F9C62BEE871653E42A312C4047356
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 4C8F21BD266D95F82B868A72E438B53B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 9DEFDC2E439BD951F82A0CF834A2C254
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 9FAC4A5289C557E7F715CF85639B4B24
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B259DB3663FBEE64699F45F93DDB38DA
Requests: 7 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: B3F44C973EB661F031CCCE1597EB1AFD
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 0F32C26D745E06A4C32AEB0EECC87E42
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0EC3887CFCF0E0014D3284B03A4D5CE1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: 5E276BE627B42F21F9EBBC56EB25DB85
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: 767C26A28581D089363E7608896D00CF
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 45F07A80760210C1AAF061EFB0C09679
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: C5BB96D4321E76258F6FD6831F96A4A6
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: BEF04179C0FFC28237216A01495E2EC7
Requests: 2 HTTP requests in this frame

Frame: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 063E42BC2A43FAFFE40AB441656DBBFC
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Frame ID: D43E518E1048F37D9F60BCCF2A262F0F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhjMkuLuATAB&v=APEucNV8SRc4FFHuQPQREHMnfik-qZRC5auulj65oYuA1HOPednDOaAgyIEOMiEqNJFFPMqc6fetWZUEDbl_9KYq4zGkrUhObPLO_SWTHIoO1COi3VcNVJjOW44FdiMqx59PUx1Rqmbv_Dh-vc1UFgQzmsXQ24_uXbWs_tML_7eQqweETHzigRacK9VupSGQUkU9dk63LPHP8PlnFaj55HKqliCpoi6Qew
Frame ID: A5CF9747FA807EBDE7C50855D11457BC
Requests: 5 HTTP requests in this frame

Frame: https://b40a28542c4939b02b78e4ac2810c1d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AB0649FFBFEBFF16AA8ECFA6E619B8EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Frame ID: 2F4F828B7C2D3585C8DCEF0FF4DD81A4
Requests: 17 HTTP requests in this frame

Frame: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AA468878574E37C13DB7D2BD3DE0ABA6
Requests: 20 HTTP requests in this frame

Frame: https://d2849lw36e7cot.cloudfront.net/script.js
Frame ID: B4E726C0A36EB604726235EB584CECD1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYo4KW8wEwAQ&v=APEucNX8PBnG-lYpOsTNMDqVgIRcRIky771CdMow325yHjYvAsqqy1sr2uW5sp-9evBHgc9f2jz0mkD3iZdI1i53zoVEdpXfALs4tsHLy6d9rezAY6Tqb26AVdMjQcquUAnMs3FOhDIXkqiSO4V9Y2HcbpAkUNcRrWOGxF38soGBARoTfdhN198
Frame ID: 8CCCCA4921232BD9BCEAA730E9AA03F6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 287EFCF1CA7B63E491C29BE94D5DFA79
Requests: 25 HTTP requests in this frame

Frame: https://ab455e95bb02dacce0be4879e4650ae1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D61554AED1554256393EC7DDCE0C5DB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0A32DAC5C1366E89D16E83F842B8829E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C74C11CFA09DDF24665647D4A6A2A15D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGJDaxfUBMAE&v=APEucNUvq4ve1fkqIy7LoJzd_VKfW0wO11UUvfT0SJkVW6l57s465F4zA7SufUB6eazeuTXPMIaaacFRF87HghR1nSncllNFzjrQ_i3cPSuVH7kvWKmmKHfa3aEvPyHGqp0Kcvu0CPQ5I8IWT3G3tbkAxuOGCmzRjmqcQVYgdSK1xlb91k3eookzzdEjMdpMUSWFDkYlovf9IcMreR8nWTh8bLJAkeGSSg
Frame ID: E592F317A8E1F2D79B3C4A080F517CF3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 09F5DE39B7C04D8D7C48F8552278FFA4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CAB99D9A940F1909C0D1098DA963F2E6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 160EDEA6148848BEDFEC607BC00943E8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 28DB4AEB9B2DCE2ABC00C0937FF6BA26
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3256B9ADB2570E60D71C539F90F44F6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVX0BJUFDSNaJTiZVSDxND6HvrjbRgGD8fM6z8s8x7PjyDYMJu2w0_aElLNnCWfE_UjJUznjfSvKdeXmTdYJh6DUOXWH7sYOvdr1PTxj2SZmbWs1Rn8sCYeBP_7bnKT6zS-dciKa_ppVkla-eBQo708YcmMjEFq8cT-mOe-fy71ZCcZqCw
Frame ID: D0C5FAC831E1BBFDD93496A778B3219B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E056758ED16F4D48C91A2036E18C1F9B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E8CEC735A7D181FCD93232C834107E3D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2260711041913871990/index.html?ev=01_250
Frame ID: F1AA5188EF6BAC45F3312284EA6786E7
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D17DE26CF2CFFAC0AFB01EA405B2A01F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: 8A59A9FCFE85DBD4E0BF78B440D32668
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F8208C8E04856B0390626CA000A7F60F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B19A8C5F55721055EAE13B06E506F53C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4500547324903106522/index.html?ev=01_250
Frame ID: A87A2912B9FFE9A9CA8CF4E6F7948922
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E2D1039EA80D0DE18A40C4EF1979DDAF
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x250.js
Frame ID: 821DC2FBF764613F8324FFD1E5AB88B6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3432A251F17FDB81AAC0243D097594D9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D03C2A19B3F391A82468B5FFED6A65E0
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPS_qaD_mIEDFUBMkQUd5rwFmw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927
Frame ID: 046922E90F5BF6B7E2185E9395786BA4
Requests: 2 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=48322100127159404444994012440018&a=c968998d
Frame ID: C690545848B194F5A7D68785FCFE8EC8
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 05168258879046F46045524A683BE37B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 457B56861BB6CF8439CF23929A452C3F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C42B038DAB5D9833D7F102789E34463E
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 8960E99F47CB054847C336E43147A1BD
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1694106697037
Frame ID: 54CB2B74AD20E2DFCAB701C666076D22
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: FD0ED5AAF0D5B942C9A3775FDAC176CE
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 892C4DCEB907A7AE0202644DFB6E1C19
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 37E231212702FB18AC19EF8E3781B023
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 86CA7DA31EB8FD88B2E1950E89E43193
Requests: 14 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 412710D7D83E6781037A9F0DFE46F58A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0DA8031E84D6ACAF85A9D7F8EFED3348
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 01B691A1B68B5F5E95ADECB871E56EB7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FE8E4EEF9B7A5B579C3777E2307D5ED1
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 4761D97E935A1F360D6DB5A04B016BB5
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 3B0695427F56213586608A1D39325648
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: B50F87FEECC62D5E0F08A7A233AFB775
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 97C3BB5B1F12F2F8D0D6A8C5CDF5A7C2
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 2EF730231D4B51352EF2F5BECE93C193
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: A5AC5BCAB9CFD01B8AB12B9C531F88D9
Requests: 21 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 3F36C819ADBD3937CEC8DBE68E937D4F
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: EDF6809172DD598E191B3730679E0018
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 64A4256BDFDD7598A32C0E1F696C4106
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1FA54E4468877FA5D2189DC7F32CCD47
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 5E1AFC10D0ED4DE7A1FC71F717194C45
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 9DBA4BF1AF948E7DAA1894D1EBCDDAC1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 8EE534C1676126F9048B356EBFBD7E4E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&redir=true&gdpr=0&gdpr_consent=
Frame ID: 1DCE604C38945771904D387C717915B9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=M8dNWjXHHwIowUlaPcMGCzfGGF8owUhYYMAFyHHA
Frame ID: E67D2003D8F20977C3ECBCA1816A47C4
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
Frame ID: 657A56934190868994BEBBD9D197661E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 959362CE2E07112671F58822CDE6C59F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZPoETAAAA_YxQgAb&gdpr=0&gdpr_consent=&_test=ZPoETAAAA_YxQgAb
Frame ID: DB3F9DD6D7EAE976648CF57400DCC7C1
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NWNhNTg2MC05NzllLTQxNjktOThkZC04MWZmY2JjMTljYjY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 42D97D8BF43AAF1A89C97BDC674F1B44
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: DC58E629BEDEC8097BB1E382D4DF4165
Requests: 4 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 67784185F1818F11CFEC89E56B76B33A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZPoETcCo8X4AACpzH.UAAAAA
Frame ID: E32ECEC8736EE74953E4D5AA8C47DECA
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_75ca5860-979e-4169-98dd-81ffcbc19cb6&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: EDE17A9837AD419C1FF7D4AE3ED4F9D8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Cix0reZyew2Q67YD2DF4&pi=gumgum&tc=1
Frame ID: 94F741005E4E4453FB2C180C8CDBE3BA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 72433BC7E1FA82AD6CE55227ADA47F52
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 6D96F2A151874CB02A73E2C72F641B12
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6836324311
Frame ID: 0BF3C8322DEFEF803CDC9D5D644217C8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/e40a76bf-24f4-52fa-a0ff-3237c405367b
Frame ID: D0E2D037228FBA04353D36BDD831E782
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 5713B03F10D9A748D3B75583C644A83D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/4140809763479121200
Frame ID: 342CC5F996C67D9636993FD9EC3430C6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/808512fffeb79772c24558d66314e91?gdpr_consent=&gdpr=0
Frame ID: E8FBADEE64C080A41F2653AA3A2EB6FD
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 09F0424A425FA1F02DB2377E2F36C713
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: A991DAD1726E9FA535807B1101F1AC30
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
Frame ID: BBB04308118B8A41113A9A5A4CF6DDA1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3760900185025154561&gdpr=0&gdpr_consent=
Frame ID: B7D484077B28D0DB0E5D91945052D0B5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VMsOgyCsWQpUjkTFq-chay2NmEk&gdpr=0&gdpr_consent=
Frame ID: 3F2E4DC6C2F662E9F736AFB882372601
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276132868161992847&gdpr=0&gdpr_consent=
Frame ID: 0A5D40D80167CEE977DE6EE88F69ACB3
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 62A4767A12583FC9AB2CE72DDFE9D71C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 0F863B94D54A50ADCF806E6DCE0BF961
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 197EF263B74967AB0ED4B632DCA8F311
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAqfE7J9AkAADR3_pnOSA&gdpr=0
Frame ID: 96544758E3757AD3B257AB2D0A6E9FBC
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
Frame ID: 1096DDA5E36AB13FB078FCFFA5F5B130
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU479c4aa557164e1184fefcee278ff4d5
Frame ID: CE0C30D2F3066CDAE64CD8666F9C86DD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=962268519981634368
Frame ID: 5D7544460BFCFE9734B1904E42169092
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5648828114216056122
Frame ID: 667CD5D0733DBF42CCD2C3FB480856B1
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 7ACD1FE36735DEFB5B603D500B0866C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
Frame ID: 37B57F28EA2A58DFD653719D0CD47A7E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhRYXbbXRnQSRbMYb&gdpr=0&gdpr_consent=
Frame ID: F2C9AF8FC573D396897F298F7EB717BB
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 276B9C6830E229716904AD7A8C384F49
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=10tjtl16pvuy
Frame ID: 7FC89EF3544E5A4A4F2CA75588439BA2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
Frame ID: BB44FE73946344E058545DA00C12668F
Requests: 1 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=63851600140844109150657012440025&a=44f752ae
Frame ID: 6ED624622A258981E5DCDA5F8B64FB51
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35185931423316192076&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3882&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697202&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1241&dtd=6&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 12236E8ABB5866F43AB0CC4670B9FE3E
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/13350666/13350666.js?ADFassetID=13350666&bv=258
Frame ID: D6A13BA8E1A349CAF03C4C0AB0B7E179
Requests: 19 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 020A870A9BFCDFAE3141C247D782FDDF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F135D7B7D53D36C209EE89B939E96940
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96984C605AC151D21228DA80A2B553A4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

泰國鮮肉正夯!《一年生2》見面會加開安可場 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

684
Requests

83 %
HTTPS

27 %
IPv6

120
Domains

206
Subdomains

136
IPs

16
Countries

6007 kB
Transfer

17158 kB
Size

151
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 121
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&rid=esp&cc=1
Request Chain 134
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=fDJn5HxEZzhVZWZJKytRZkhSRmRjZEYzbnB1UUdwWm90ekcrbVQzU2ZiQ3R6TUFPODJhR21EYlVMeURqTXN6MVJwN3ZBQzk1TDU4VlZEMHRrb3ZjQkg5WXZmSUg2V2IxMTFQa0krTEc0MWZmejlSNjM0SGIrQzFLOTkwK1ZZQmFMZHBDbStPM2NpZWxUY0RjM0tJTFFjK3p0bXdMcVVwSDZwaVpSS1k4WDBqNllKWmtYMlh4SUxSTmFVaU42azBoVTFKb0UxdEtwYXEzdHBhMFczN09CNUJjY2NLSUNaKytSbUpnZXcxY1ZlR3o0bi95MFU2cXgrL2hXZVljZWE3M2cxUER5Rko5Vm1aT0FiMUFjNkJMU0c1S0JMZz09fA&cppv=2
Request Chain 161
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D26e45e69-d69c-4cea-bc83-bb1432635afe%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=26e45e69-d69c-4cea-bc83-bb1432635afe&p_id=23
Request Chain 162
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=26e45e69-d69c-4cea-bc83-bb1432635afe&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=26e45e69-d69c-4cea-bc83-bb1432635afe&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee&p_id=15
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHjKClSnyY1dm4EpcEZxgg&google_cver=1
Request Chain 168
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPoESROoojD1qnDOJ6gotAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHjKClSnyY1dm4EpcEZxgg&google_cver=1
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEH54CWjxfHdsvt3Z-Y4XsZM&google_cver=1
Request Chain 170
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2MDkwMDE4NTAyNTE1NDU2MQ%3D%3D
Request Chain 178
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 219
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-8933329999391104&ias_chanId=1&ias_placementId=20338657638&bidurl=https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gB--BKl2umQalERbbDMX8M&adContainerId=brand_safety_SQT6ZJK7GKi5x_APweSLqAU&cbFunctionName=goog_wrapCb_SQT6ZJK7GKi5x_APweSLqAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.bg3.co&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.bg3.co%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fb0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:fd9b5b4b-6dce-8959-4bfb-431f374fd85b,c:nynH5B,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b8897859f-j2sc2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tPbZ3y1+11%7C121%7C13%7C14%7C15%7C16%7C17%7C181*.990511-61634100%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:181*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:31,oid:9ab30216-4da1-11ee-a53f-7a47c1b5d5ad,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_SQT6ZJK7GKi5x_APweSLqAU&cbFunctionName=goog_wrapCb_SQT6ZJK7GKi5x_APweSLqAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Request Chain 222
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 226
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oCEcm9NERZepZYCnlVg8lw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oCEcm9NERZepZYCnlVg8lw
Request Chain 228
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM9FDXCP-5-5E6Y
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi5ILLV1Upo3amV2ppbyG0&google_cver=1
Request Chain 230
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjMwMTE0YTE5ZGRiMjhkMTJkMDBkOTQxODVmMWMyMzdmOTRlMWQ3ZQ
Request Chain 231
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE05RkRYQ1AtNS01RTZZ HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFIfpkQRzlAIwx8sw3Y13YY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=
Request Chain 232
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OSlNCXTfvF_k0gdn_J2kkw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UddHon9E2oKMNpVGTRe5Nr44aD7NdvWaIwBa5w--~A
Request Chain 233
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Xf4CJs0FTtqDTURJWr0oLA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Xf4CJs0FTtqDTURJWr0oLA
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPueIpcdkVc62GFOPQEPMyc&google_cver=1
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAyNDSt4aU2tFdhGkQAWaEw&google_cver=1
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPueIpcdkVc62GFOPQEPMyc&google_cver=1
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAyNDSt4aU2tFdhGkQAWaEw&google_cver=1
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN77VSpQgU6MlhaE66k95y4&google_cver=1
Request Chain 339
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEieI_aVIquc7i50B1febPE&google_cver=1&google_push=AXcoOmR8vjkIqeEv9U2pHzGHbuzccndC37gYXQ9icIV_asg5RqMpFgPO-wYjbogvFLb8qcgy-eEqwUpQTfvoTSf8YA9eXneFBfs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR8vjkIqeEv9U2pHzGHbuzccndC37gYXQ9icIV_asg5RqMpFgPO-wYjbogvFLb8qcgy-eEqwUpQTfvoTSf8YA9eXneFBfs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEieI_aVIquc7i50B1febPE&google_cver=1&google_push=AXcoOmR8vjkIqeEv9U2pHzGHbuzccndC37gYXQ9icIV_asg5RqMpFgPO-wYjbogvFLb8qcgy-eEqwUpQTfvoTSf8YA9eXneFBfs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR8vjkIqeEv9U2pHzGHbuzccndC37gYXQ9icIV_asg5RqMpFgPO-wYjbogvFLb8qcgy-eEqwUpQTfvoTSf8YA9eXneFBfs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 342
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFIfpkQRzlAIwx8sw3Y13YY&google_cver=1&google_push=AXcoOmT34B9oDCB9yhfOKxe11obVODRKiUYOJ55yNsGqIIF9vuG0jYO6b3MZNPf9EbhWLf8MKMhvgwfKcd6jXGViTiBZ1Zt_4F4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=AXcoOmT34B9oDCB9yhfOKxe11obVODRKiUYOJ55yNsGqIIF9vuG0jYO6b3MZNPf9EbhWLf8MKMhvgwfKcd6jXGViTiBZ1Zt_4F4
Request Chain 344
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOd2O6Kz-bOVj3oHlRi93Dk&google_cver=1&google_push=AXcoOmS5J1F4VF3tVMJlAu9pjbGgJYyG3q2T_6ZJH_95r6dQEalxdHWu4VK-KWEf9h94tZYLswRjZVXSBi0IpUAt4FhqKZ3Z4HA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmS5J1F4VF3tVMJlAu9pjbGgJYyG3q2T_6ZJH_95r6dQEalxdHWu4VK-KWEf9h94tZYLswRjZVXSBi0IpUAt4FhqKZ3Z4HA
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN77VSpQgU6MlhaE66k95y4&google_cver=1
Request Chain 382
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmS-Xu3peTAFgEmNBXvO4TJ0ivy3HE5uY8gthqBL5BcczVhX9fb5iep0eGkiGc2Gz6GHHB-faV5WHlZZ9JS-SvcvVTB9v-YNOiUZ-WdmhRqxAhlFf4NrW3uIRSKBzFuUbSwIo36yEL5DDSb6eoEd25Y4 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmS-Xu3peTAFgEmNBXvO4TJ0ivy3HE5uY8gthqBL5BcczVhX9fb5iep0eGkiGc2Gz6GHHB-faV5WHlZZ9JS-SvcvVTB9v-YNOiUZ-WdmhRqxAhlFf4NrW3uIRSKBzFuUbSwIo36yEL5DDSb6eoEd25Y4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VUJCQ2t1SlkxUUVpeEE1&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmS-Xu3peTAFgEmNBXvO4TJ0ivy3HE5uY8gthqBL5BcczVhX9fb5iep0eGkiGc2Gz6GHHB-faV5WHlZZ9JS-SvcvVTB9v-YNOiUZ-WdmhRqxAhlFf4NrW3uIRSKBzFuUbSwIo36yEL5DDSb6eoEd25Y4
Request Chain 384
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOXt3wY_r5hIPCJ4IM928Mo&google_cver=1&google_push=AXcoOmQbyZJSHOXXDZjqv7NtdSVM-Wq5-bzBHb_acRvsp4AUpDoQIz_lshvCKVaK7QyjlS17Avf8prJbbaGtesiAkOFva-tnntyCn1-edsHiJAugdiN1eRBqVQC6MC0Jl_-3JhLNxLOjHTKLmOT0lFW_qKZd HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOXt3wY_r5hIPCJ4IM928Mo&google_cver=1&google_push=AXcoOmQbyZJSHOXXDZjqv7NtdSVM-Wq5-bzBHb_acRvsp4AUpDoQIz_lshvCKVaK7QyjlS17Avf8prJbbaGtesiAkOFva-tnntyCn1-edsHiJAugdiN1eRBqVQC6MC0Jl_-3JhLNxLOjHTKLmOT0lFW_qKZd&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQbyZJSHOXXDZjqv7NtdSVM-Wq5-bzBHb_acRvsp4AUpDoQIz_lshvCKVaK7QyjlS17Avf8prJbbaGtesiAkOFva-tnntyCn1-edsHiJAugdiN1eRBqVQC6MC0Jl_-3JhLNxLOjHTKLmOT0lFW_qKZd&google_hm=HSEnuGZH5Ev5rjo3QZaafZYs
Request Chain 385
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMxZlYdXKqzEgWh5QHU8HhY&google_cver=1&google_push=AXcoOmRJdV3N0QKwSMF1FoZKyohCN1srDkiCeG-R3cKpPsbqWnMCn3xCXW9H5jo0fYpa9xsNdiJRIHBxmm9LKiUJb_5SMVNV1UQpOHwKUIdp7fSHzY1_6Vupxqn-fmiuCwyDsFSdimvz_ZRqsyA5P8ObiQdn HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRJdV3N0QKwSMF1FoZKyohCN1srDkiCeG-R3cKpPsbqWnMCn3xCXW9H5jo0fYpa9xsNdiJRIHBxmm9LKiUJb_5SMVNV1UQpOHwKUIdp7fSHzY1_6Vupxqn-fmiuCwyDsFSdimvz_ZRqsyA5P8ObiQdn&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1694106698765 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-81148098-47fc-4c20-a971-cefde0d48ca4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRJdV3N0QKwSMF1FoZKyohCN1srDkiCeG-R3cKpPsbqWnMCn3xCXW9H5jo0fYpa9xsNdiJRIHBxmm9LKiUJb_5SMVNV1UQpOHwKUIdp7fSHzY1_6Vupxqn-fmiuCwyDsFSdimvz_ZRqsyA5P8ObiQdn%26google_hm%3DA4EUgJhH_EwgqXHO_eDUjKQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRJdV3N0QKwSMF1FoZKyohCN1srDkiCeG-R3cKpPsbqWnMCn3xCXW9H5jo0fYpa9xsNdiJRIHBxmm9LKiUJb_5SMVNV1UQpOHwKUIdp7fSHzY1_6Vupxqn-fmiuCwyDsFSdimvz_ZRqsyA5P8ObiQdn&google_hm=A4EUgJhH_EwgqXHO_eDUjKQ
Request Chain 386
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG48BwAY6YMCNdAakddmtXk&google_cver=1&google_push=AXcoOmTTNhFgAVhYy79_a1FROQxI0NfSWL3EGbCWARUkJfevdNPbsrlP2pkyRaPp_A3LblqtmVaL9h-0LeeNoMWpnzcsCz0C7eX5Dv9gI0IdNf0H5s63UmKuSpcrasgS-xeos5eiGPaNIAD7e_eYH8cCykqB HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTTNhFgAVhYy79_a1FROQxI0NfSWL3EGbCWARUkJfevdNPbsrlP2pkyRaPp_A3LblqtmVaL9h-0LeeNoMWpnzcsCz0C7eX5Dv9gI0IdNf0H5s63UmKuSpcrasgS-xeos5eiGPaNIAD7e_eYH8cCykqB&google_gid=CAESEG48BwAY6YMCNdAakddmtXk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NzgzNjYwNzY4NDM1OTMwMzk2Mg%3D%3D&google_push=AXcoOmTTNhFgAVhYy79_a1FROQxI0NfSWL3EGbCWARUkJfevdNPbsrlP2pkyRaPp_A3LblqtmVaL9h-0LeeNoMWpnzcsCz0C7eX5Dv9gI0IdNf0H5s63UmKuSpcrasgS-xeos5eiGPaNIAD7e_eYH8cCykqB
Request Chain 387
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELgFtls2plvn8ib1wD-r0vQ&google_cver=1&google_push=AXcoOmSKLVsHccEqgvB2f7ifcCClmSZOehk61k08o1Q_QuL6E5EYahY1l6MmTTaV93dXraa2hFocIT4HWgiDPX0-HVvf3XnoVbcW5m7y5IIzcZpF9mU5mI2c1RLzL_YRrWYFaZLovGtXxn2nAFE0tUcKG66UMw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSKLVsHccEqgvB2f7ifcCClmSZOehk61k08o1Q_QuL6E5EYahY1l6MmTTaV93dXraa2hFocIT4HWgiDPX0-HVvf3XnoVbcW5m7y5IIzcZpF9mU5mI2c1RLzL_YRrWYFaZLovGtXxn2nAFE0tUcKG66UMw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 398
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmSIW2cwE9udWbQvO3ImkXDh9j2p1KCZA7JFR8Vp7hYmES1L3loqjDluJP1fVDW8l4Xb2feVvDvyZi16fjXvoajSMITBYJUx-6lZy8Lez7y5zG3HWTxF1Da9OA8VmVkxJDdz6f1H1AF-eYPEeDqc194tNMI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VUJCQ2t1SlkxUUVpeEE1&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmSIW2cwE9udWbQvO3ImkXDh9j2p1KCZA7JFR8Vp7hYmES1L3loqjDluJP1fVDW8l4Xb2feVvDvyZi16fjXvoajSMITBYJUx-6lZy8Lez7y5zG3HWTxF1Da9OA8VmVkxJDdz6f1H1AF-eYPEeDqc194tNMI
Request Chain 399
  • https://um.simpli.fi/gp_match?google_gid=CAESEGE9sjVTKYw4rqSDhpo9y_M&google_cver=1&google_push=AXcoOmSxpn-X1fu0WkELC7j6CFY-PMTzuhjny6NbfcTdvvFz5ewdz3j9eh4suuhTVEqxgRxcyOb_X9C-ZRgN8DXWlMiQ9gdwvcyHMIeE_FeGpgeOO7SIRBhM-5rcbzzuU7nTkTUBTC4CBgRih28m75uh9PjJzYY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A36F5B97259546F895D5F2E6716D52D9&google_push=AXcoOmSxpn-X1fu0WkELC7j6CFY-PMTzuhjny6NbfcTdvvFz5ewdz3j9eh4suuhTVEqxgRxcyOb_X9C-ZRgN8DXWlMiQ9gdwvcyHMIeE_FeGpgeOO7SIRBhM-5rcbzzuU7nTkTUBTC4CBgRih28m75uh9PjJzYY
Request Chain 401
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEPzRzmWTlkD8U32xWtqVOrQ&google_cver=1&google_push=AXcoOmTDvv1rMBmUjctkl4l0gt5RVACT24AldxgawaRsei5NKJVGB1U5K2CH9YnXRjyvoqVLrnxv-cPvFZN2VrE695iVwQiQ8GI2yw-EvVkkaZ6eFFfNPJWgICpVHN18nQODC7SZRYXAxt42_URtxzfPVkqdTRM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTDvv1rMBmUjctkl4l0gt5RVACT24AldxgawaRsei5NKJVGB1U5K2CH9YnXRjyvoqVLrnxv-cPvFZN2VrE695iVwQiQ8GI2yw-EvVkkaZ6eFFfNPJWgICpVHN18nQODC7SZRYXAxt42_URtxzfPVkqdTRM&google_hm=Q0FFU0VQelJ6bVdUbGtEOFUzMnhXdHFWT3JR
Request Chain 403
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECBqtPEY21awCw-LzY4R02E&google_cver=1&google_push=AXcoOmSoitU0Yu68QeWpt9wr0S9C0VHHZs3NgVsqGQhv-Tu4rdyeRVI8E9YH6_5v3eRauqRgyAgYZlGARpGpmOYy7P52AR2GQ9yUcAPD2RbjbSDvb61V-fex4NmAxMK8SMQCxQ5B4N6B_2gZlmkjEFwv_fmW8X8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSoitU0Yu68QeWpt9wr0S9C0VHHZs3NgVsqGQhv-Tu4rdyeRVI8E9YH6_5v3eRauqRgyAgYZlGARpGpmOYy7P52AR2GQ9yUcAPD2RbjbSDvb61V-fex4NmAxMK8SMQCxQ5B4N6B_2gZlmkjEFwv_fmW8X8
Request Chain 404
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEGHPEkpiXoRpIhSoUzFfqH4&google_cver=1&google_push=AXcoOmQr9OeT4PCjS84kZa-k_55zJ3Slgt8nKS-HW-6wBP958kvXX6sx1TRWKIlWNZPIT9SS-EKKzuzsGloHLFUFqlh5FIweylf9NxxjmmbToFCKMj-OpFYH_pCgaJFO9WUNm_3B8GrAKT4hXV_g6NWOzqAyXas HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQr9OeT4PCjS84kZa-k_55zJ3Slgt8nKS-HW-6wBP958kvXX6sx1TRWKIlWNZPIT9SS-EKKzuzsGloHLFUFqlh5FIweylf9NxxjmmbToFCKMj-OpFYH_pCgaJFO9WUNm_3B8GrAKT4hXV_g6NWOzqAyXas&google_hm=nhzvAZnaQYafq2jfF8Zqakk
Request Chain 406
  • https://fw.adsafeprotected.com/rfw/st/1593509/73170905/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014084652&ias_pubId=pub-3216231935713038&ias_chanId=1&ias_placementId=20454105566&bidurl=https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ias_dealId=&xsId=ABAjH0gbeobNGVybMARLQd0n3eEZ&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gbeobNGVybMARLQd0n3eEZ&adContainerId=brand_safety_SgT6ZPiwHIKxx_AP7oikuAc&cbFunctionName=goog_wrapCb_SgT6ZPiwHIKxx_AP7oikuAc&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.bg3.co&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.bg3.co%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3216231935713038%26format%3D400x250%26w%3D400%26h%3D250%26ptt%3D12%26adk%3D90073500%26output%3Dhtml%26bc%3D7%26to%3Dampa%26pv%3D1%26wgl%3D1%26asnt%3D0-13873632223024512580%26dff%3Dsans-serif%26prev_fmts%3D1600x96%252C1600x250%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26ifi%3D3%26pfx%3D0%26pwprc%3D1037897477%26adf%3D16789255%26nhd%3D0%26adx%3D1000%26ady%3D3038%26oid%3D2%26is_amp%3D5%26amp_v%3D2308242321000%26d_imp%3D1%26c%3D38005942%26ga_hid%3D631426543%26dt%3D1694106697420%26biw%3D1600%26bih%3D1200%26u_aw%3D1600%26u_ah%3D1200%26u_cd%3D24%26u_w%3D1600%26u_h%3D1200%26u_tz%3D120%26u_his%3D3%26vis%3D1%26scr_x%3D0%26scr_y%3D0%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%26bdt%3D1459%26dtd%3D11%26__amp_source_origin%3Dhttps%253A%252F%252Fwww.bg3.co&adsafe_type=bed&adsafe_jsinfo=,id:30060e91-5799-1e24-78e0-0a192ba83d3e,c:nynHnY,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6b8897859f-ptkw9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tPbZ3Ql+11%7C121%7C1221%7C1311%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1*.1593509-73170905%7C1g11%7C1g12%7C1h1%7C1h2%7C1h3%7C1i%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1l,idMap:1g1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:34,oid:9b5a1718-4da1-11ee-8642-f6433822e4fd,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 408
  • https://ad.doubleclick.net/ddm/trackimp/N1402310.3879431GDN-GOOGLEADS/B25653120.299683841;dc_trk_aid=492885808;dc_trk_cid=148451270;ord=2795478777;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1402310.3879431GDN-GOOGLEADS/B25653120.299683841;dc_pre=CLf9hKD_mIEDFXHxEQgdJHsJPg;dc_trk_aid=492885808;dc_trk_cid=148451270;ord=2795478777;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2
Request Chain 410
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFzfSl7vt2QKigedcgI0a8A&google_cver=1&google_push=AXcoOmRaec_zJ8GXlPYvHQsr6WxLdDWLK64X-6LetnfFWDI5LGyRmBQEIll2r2fdaJ_NRhBLkfbdwdumem6G24lC-Z6OwwKgVtH_DQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAxMTAxMTM1NzIxNzc5MTAyOA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFzfSl7vt2QKigedcgI0a8A&google_cver=1
Request Chain 411
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT_EkzXY4LUqQYhGDbKPK_2dI09QoH5K5K1iv15heTgl9jJuDGC280ZwZV2kPtVDNhT52AUrzd4zH3SAhcYLDa5VmENQdDYxg&google_gid=CAESECntrVTbmxMM7MEl68JSgqo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-nfcQCavsBxK9Aflr3nNSc1F41tW1EgguCbSlJg&google_push=AXcoOmT_EkzXY4LUqQYhGDbKPK_2dI09QoH5K5K1iv15heTgl9jJuDGC280ZwZV2kPtVDNhT52AUrzd4zH3SAhcYLDa5VmENQdDYxg
Request Chain 413
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIxnOYu91rTWjmSP-rmqoFg&google_cver=1&google_push=AXcoOmSHyiKjuZ_PM9dTEB63A75zAm8MVwBUuemGTQCTPGiha0Fumscfnn45JLLxJXbr5M0QmAjs_pGLbqlfE7N-PiK8OnG1C6jh HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIxnOYu91rTWjmSP-rmqoFg&google_cver=1&google_push=AXcoOmSHyiKjuZ_PM9dTEB63A75zAm8MVwBUuemGTQCTPGiha0Fumscfnn45JLLxJXbr5M0QmAjs_pGLbqlfE7N-PiK8OnG1C6jh&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j_t_GGkPQoiuCsbKlG9gxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSHyiKjuZ_PM9dTEB63A75zAm8MVwBUuemGTQCTPGiha0Fumscfnn45JLLxJXbr5M0QmAjs_pGLbqlfE7N-PiK8OnG1C6jh
Request Chain 414
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOXt3wY_r5hIPCJ4IM928Mo&google_cver=1&google_push=AXcoOmQYlPxP5NVksNLI_O6QOFIvZ_-6td7XNBYCzyBU8CqXx7vD1B3J_BvBE10x04eUW7MosmBcX3FAYjKImO55Ic-jpdFYjRJu HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQYlPxP5NVksNLI_O6QOFIvZ_-6td7XNBYCzyBU8CqXx7vD1B3J_BvBE10x04eUW7MosmBcX3FAYjKImO55Ic-jpdFYjRJu&google_hm=HSEnuGZH5Ev5rjo3QZaafZYs
Request Chain 415
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEL-LeiQCsPw1fgTKNSH--eM&google_cver=1&google_push=AXcoOmSR3WhEhO9omdpuRHpQoVhCWNhoLaWCalDT-qD0RmAE12MqVR_X9F-nyI0yyiMf4GOT4onHhnAYxM1cfh72Eq5WkmQFjpFkmTg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSR3WhEhO9omdpuRHpQoVhCWNhoLaWCalDT-qD0RmAE12MqVR_X9F-nyI0yyiMf4GOT4onHhnAYxM1cfh72Eq5WkmQFjpFkmTg&google_hm=OTYyMjY4NTE5OTgxNjM0MzY4
Request Chain 416
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEDdz1H_Xj95yoDfnEthYJs8&google_cver=1&google_push=AXcoOmRSQHMpV0LlZ4PuKmOO_VjKV3kY28is285dt_D3TZ9gcVaDqBzVYswrCBmYNXwW5EwjI4CFWoWBAmpoCWPS06Fl1Yvm3HPnIWs HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEDdz1H_Xj95yoDfnEthYJs8&google_push=AXcoOmRSQHMpV0LlZ4PuKmOO_VjKV3kY28is285dt_D3TZ9gcVaDqBzVYswrCBmYNXwW5EwjI4CFWoWBAmpoCWPS06Fl1Yvm3HPnIWs&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRSQHMpV0LlZ4PuKmOO_VjKV3kY28is285dt_D3TZ9gcVaDqBzVYswrCBmYNXwW5EwjI4CFWoWBAmpoCWPS06Fl1Yvm3HPnIWs&google_hm=MnhGaWhRejBDRzFWaFhubzdEQXI=
Request Chain 440
  • https://hal900025.redintelligence.net/request.php?zone=xbvw43wlnz6z&nw=20&renderingType=javascript&namespace=97088387f5&subid=&uid=bb88e033c83a5813&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=SSP%3AIndex%20Exchange&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239502%3Bcrtbwp%3DZPoESQAAAAA19kpNc_cfm-SJ_jc6VWnJTd9OMw%3Bcrtbdata%3DxBfg_STlYgJhKvCouDY6wWMSrAGDkUclh5KFgSjFbN3WcrgwG6P2zTBuS21ffYgDqOTVC03hI_qZZH8nIeIWSPVW82MN7Zs6o5nGqfv2HrVI1fPuTs7DOGro13GqTpuXaTDbwrDTJ7nDM8p81EzY4L0YwHBrJXRBHEyJKBdPm2VdJLbu-J0XsRfnwn8PXSowxHU2WZclDNKQcrRkc6idGpukrpgOrEY1Mxdgt8C1-QE2kI5-7Q1yNlKOWOb-d961LT9NwOdtiFXAh9dL5n6_CR4W-16Be36rBZLwYsja3OLII3PM3OkJpTZ70UK--H0IX6CoDkvzFHymYorq8wYIOtN5avUY3xrh0%3Badfibeg%3D0%3Bcdata%3DrzvlcF2o0stydr60SavkIR_smBbzYPuIm3GBdJALJjTkrr4WFHyz438eiCOZQEdJLpGEV7RiM-evPCrSsv5_L3LLb10zwiQqt37nwxhVSlRdeoz0uNsdh6sRWCNx7bo9F5JJLZII9KzkPlaDTc2TXeFBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%252fa%252ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=2089097642383&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900025.redintelligence.net/request.php?zone=xbvw43wlnz6z&nw=20&renderingType=javascript&namespace=97088387f5&subid=&uid=bb88e033c83a5813&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=SSP%3AIndex%20Exchange&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239502%3Bcrtbwp%3DZPoESQAAAAA19kpNc_cfm-SJ_jc6VWnJTd9OMw%3Bcrtbdata%3DxBfg_STlYgJhKvCouDY6wWMSrAGDkUclh5KFgSjFbN3WcrgwG6P2zTBuS21ffYgDqOTVC03hI_qZZH8nIeIWSPVW82MN7Zs6o5nGqfv2HrVI1fPuTs7DOGro13GqTpuXaTDbwrDTJ7nDM8p81EzY4L0YwHBrJXRBHEyJKBdPm2VdJLbu-J0XsRfnwn8PXSowxHU2WZclDNKQcrRkc6idGpukrpgOrEY1Mxdgt8C1-QE2kI5-7Q1yNlKOWOb-d961LT9NwOdtiFXAh9dL5n6_CR4W-16Be36rBZLwYsja3OLII3PM3OkJpTZ70UK--H0IX6CoDkvzFHymYorq8wYIOtN5avUY3xrh0%3Badfibeg%3D0%3Bcdata%3DrzvlcF2o0stydr60SavkIR_smBbzYPuIm3GBdJALJjTkrr4WFHyz438eiCOZQEdJLpGEV7RiM-evPCrSsv5_L3LLb10zwiQqt37nwxhVSlRdeoz0uNsdh6sRWCNx7bo9F5JJLZII9KzkPlaDTc2TXeFBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%252fa%252ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=2089097642383&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 441
  • https://hal900018.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f8100f91b0&subid=&uid=0484ad03fd13cf83&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChaURSgT6ZPbLBJuKjuwPuYqewAWm5b2gab2TnKfJD_AuEAEg0syBGmCV4pCCoAfIAQmpAm9vcMeQ8LE-qAMByAObBKoE4AFP0Lsecg3C7GSokSzseGlMmx9yPywlALx9vZjSYgE2fbMBlUNgvKdnV2nE0KfQrbfOfWN7ccL-hlC7T3uJjYJLvSq6pyqECmKOU3zC6IHQoaDmIkjpIZK8a_GbPqzx0BaVCdy8FwjJBeGJ3_gFWtMToq8KTedanI6O3A6cwcLvwybBc-4vTpMkmW-yQSVQizCjbd256dDL_oeYym5mEi1xZLpF6Rqko7EW1Ndy8D6raAB76Sw1yDrfuWd-xFRxARO8PsK1yEqzEwWmrp3dKktUp31Hop0qpEW7yZTu2Se8-8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI9pjNn_-YgQMVG4WDBx05hQdYEAEYASAAEgKAM_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWEB6A81zNbRy3C2usUYSwgSuhW6vxQcsOyc3LHlqKIca0gn5k7VaZ_LIhnu5Cq7OBWQ6qrkSchxgB%26sig%3DAOD64_3qfOeEh35TCa02k-F3Oa7Q53LPnw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C4Q9_kMMnClq8R4XFAPpX3xbmWOPbBJhcXwhscuuvdnobeieRdzLGK1UlCHCoP37O0wvtI76nQGp7375-JTgQB3IJYW2oi3Z1cEmrM3JmuEj9pfAtbCIzbh-bL-ly-7IXyOKL5qsGL9CJU0YMDypzDwCp0Y0r-brGq6J6-YzcVwZKeMDE%26cry%3D1%26dbm_d%3DAKAmf-BkeWij9pJEVXcCAlewD0cO6GTdrz5oimct-oW48BckKETFGYPOV8BUfQLj8vKb-ubeOO9PlDin_msqZqJ147vNPci3Jw9GdWReZHTRegBal_pKM5TrGDBaqkV4k2pTOCVjEY9fN0dDOqioozoBga2UN2go2bj7f4s136_rd9cEcGYgIwX9qZ656tH3reAe3tUQCOHaXJJUV1tzNHotPYPbvi73EebhbZZCo1ohUoY3AQdI8iBCP_cPJEhqeqMhkMpAAfpcyX9EQ076w6A7ffGCPZy-fnsH4ktVD2USK9E3oxNdwzoZu2f1LohEGqNiGCEnjDsZNkfwDRmmN-TIuOLjh-VVA_8ouKgpd7OeyQhWBkldw2hM5ZwYPtATp2DC7351G9YKk8R2ZOyrmzc6qlXUMbI5R7CGJTfNDOgHp7Wv5fdprlCIB7LmSnvQtIxH_9i7AgZF-rZrODdjY6Aqjil98HgjVhFNhOPPumLpUV_TLFihqU13GY-dYhQJHDH0O6TUMUXjPBFVncclTit0YIFYeP6sb5vM2MaJN2vjhQEIqoTiYzhDA_P-E5ihYabQTUO06sKflbQNugJJZcj0NdqrOE1AXFtbjf7InrXya5bBfgT2GgY6BY5PFWrlSu9QIkkC4rPfCKAvwZ9ONaQ6auxOrCcAkg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=2652709461485&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900018.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f8100f91b0&subid=&uid=0484ad03fd13cf83&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChaURSgT6ZPbLBJuKjuwPuYqewAWm5b2gab2TnKfJD_AuEAEg0syBGmCV4pCCoAfIAQmpAm9vcMeQ8LE-qAMByAObBKoE4AFP0Lsecg3C7GSokSzseGlMmx9yPywlALx9vZjSYgE2fbMBlUNgvKdnV2nE0KfQrbfOfWN7ccL-hlC7T3uJjYJLvSq6pyqECmKOU3zC6IHQoaDmIkjpIZK8a_GbPqzx0BaVCdy8FwjJBeGJ3_gFWtMToq8KTedanI6O3A6cwcLvwybBc-4vTpMkmW-yQSVQizCjbd256dDL_oeYym5mEi1xZLpF6Rqko7EW1Ndy8D6raAB76Sw1yDrfuWd-xFRxARO8PsK1yEqzEwWmrp3dKktUp31Hop0qpEW7yZTu2Se8-8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI9pjNn_-YgQMVG4WDBx05hQdYEAEYASAAEgKAM_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWEB6A81zNbRy3C2usUYSwgSuhW6vxQcsOyc3LHlqKIca0gn5k7VaZ_LIhnu5Cq7OBWQ6qrkSchxgB%26sig%3DAOD64_3qfOeEh35TCa02k-F3Oa7Q53LPnw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C4Q9_kMMnClq8R4XFAPpX3xbmWOPbBJhcXwhscuuvdnobeieRdzLGK1UlCHCoP37O0wvtI76nQGp7375-JTgQB3IJYW2oi3Z1cEmrM3JmuEj9pfAtbCIzbh-bL-ly-7IXyOKL5qsGL9CJU0YMDypzDwCp0Y0r-brGq6J6-YzcVwZKeMDE%26cry%3D1%26dbm_d%3DAKAmf-BkeWij9pJEVXcCAlewD0cO6GTdrz5oimct-oW48BckKETFGYPOV8BUfQLj8vKb-ubeOO9PlDin_msqZqJ147vNPci3Jw9GdWReZHTRegBal_pKM5TrGDBaqkV4k2pTOCVjEY9fN0dDOqioozoBga2UN2go2bj7f4s136_rd9cEcGYgIwX9qZ656tH3reAe3tUQCOHaXJJUV1tzNHotPYPbvi73EebhbZZCo1ohUoY3AQdI8iBCP_cPJEhqeqMhkMpAAfpcyX9EQ076w6A7ffGCPZy-fnsH4ktVD2USK9E3oxNdwzoZu2f1LohEGqNiGCEnjDsZNkfwDRmmN-TIuOLjh-VVA_8ouKgpd7OeyQhWBkldw2hM5ZwYPtATp2DC7351G9YKk8R2ZOyrmzc6qlXUMbI5R7CGJTfNDOgHp7Wv5fdprlCIB7LmSnvQtIxH_9i7AgZF-rZrODdjY6Aqjil98HgjVhFNhOPPumLpUV_TLFihqU13GY-dYhQJHDH0O6TUMUXjPBFVncclTit0YIFYeP6sb5vM2MaJN2vjhQEIqoTiYzhDA_P-E5ihYabQTUO06sKflbQNugJJZcj0NdqrOE1AXFtbjf7InrXya5bBfgT2GgY6BY5PFWrlSu9QIkkC4rPfCKAvwZ9ONaQ6auxOrCcAkg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=2652709461485&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 459
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPS_qaD_mIEDFUBMkQUd5rwFmw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927
Request Chain 469
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENJvYlAOZo_OzQmtGT7K6jE&google_cver=1&google_push=AXcoOmR8YlyjrXdFPO2gfHJWGGGnlIo4QAvIoZMy3kAsuS37ufJSoz-h5Hg4Pr9AOy05p11pcWdzrKdrVIZg9OqAUlHmF2COYVrhqw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjEzMjg2ODE2MTk5Mjg0Nw%3D%3D&google_push=AXcoOmR8YlyjrXdFPO2gfHJWGGGnlIo4QAvIoZMy3kAsuS37ufJSoz-h5Hg4Pr9AOy05p11pcWdzrKdrVIZg9OqAUlHmF2COYVrhqw
Request Chain 470
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESED234OBNHr2VTfmhtvcZiMs&google_cver=1&google_push=AXcoOmQHT40mOouVictRR_erMWsURcHj-rEbbphkOYV5VbWr5W1fd6FSEBWKD81noLCOH2LWytpfWnuhcoqyBvKU94LTxY_l8Yp2vQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JcXvfPKxQnWYOZodedoGQA2&google_push=AXcoOmQHT40mOouVictRR_erMWsURcHj-rEbbphkOYV5VbWr5W1fd6FSEBWKD81noLCOH2LWytpfWnuhcoqyBvKU94LTxY_l8Yp2vQ
Request Chain 471
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEH9RU0OJXgLlvausUm0LuU&google_cver=1&google_push=AXcoOmRakTGXSzR6ArxW-LMmjM4YdABEsH8G8jG2iQRZwDsBu94RnCbokPj7a6HjszGaxT6tZwfskhbu1fl1WsQI8gO74blJ2dof3g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0MDgwOTc2MzQ3OTEyMTIwMA&google_push=AXcoOmRakTGXSzR6ArxW-LMmjM4YdABEsH8G8jG2iQRZwDsBu94RnCbokPj7a6HjszGaxT6tZwfskhbu1fl1WsQI8gO74blJ2dof3g
Request Chain 473
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFIfpkQRzlAIwx8sw3Y13YY&google_cver=1&google_push=AXcoOmSENsfcVy34cY2f_S2iWYAXbznNlrFZ8e7UcK7zCGENVdXZL0ZVdsTO2R-Z0b3QA1s9WyJz0UMUZUzFsGk1G6GD1HJZbKby HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=AXcoOmSENsfcVy34cY2f_S2iWYAXbznNlrFZ8e7UcK7zCGENVdXZL0ZVdsTO2R-Z0b3QA1s9WyJz0UMUZUzFsGk1G6GD1HJZbKby
Request Chain 474
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG48BwAY6YMCNdAakddmtXk&google_cver=1&google_push=AXcoOmRcxMJWYy9zZwJoGx-5QSTizPgnYb0rycaSNNLBM3vSpaXSRxvxSPgUVRTJIlolzEipBAoVpXX2-gayOMcx2JZnpe_83lt_bQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NzgzNjYwNzY4NDM1OTMwMzk2Mg%3D%3D&google_push=AXcoOmRcxMJWYy9zZwJoGx-5QSTizPgnYb0rycaSNNLBM3vSpaXSRxvxSPgUVRTJIlolzEipBAoVpXX2-gayOMcx2JZnpe_83lt_bQ
Request Chain 518
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 523
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3760900185025154561
Request Chain 524
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HSEnuGZH5Ev5rjo3QZaafZYs
Request Chain 526
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8005323317 HTTP 302
  • https://sync.1rx.io/usersync/turn/9011011357217791028?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-81148098-47fc-4c20-a971-cefde0d48ca4-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-81148098-47fc-4c20-a971-cefde0d48ca4-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-81148098-47fc-4c20-a971-cefde0d48ca4-003
Request Chain 527
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=962268519981634368
Request Chain 529
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 531
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-5309c935-8e7d-3528-a4b8-aafd908258c3
Request Chain 534
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 541
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPoESROoojD1qnDOJ6gotAAAFA4AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGowr6UclTbJokQlEGZvWuE&google_cver=1
Request Chain 542
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3760900185025154561
Request Chain 544
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yug3uczoZeHR7jO5xOx86M7pYrzR7jK7me_bicyY
Request Chain 545
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1694193100
Request Chain 550
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAqfE7J9AkAADR3_pnOSA&expiration=1695316300
Request Chain 552
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZPoETAALUuW3QABV HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPoETAALUuW3QABV&_test=ZPoETAALUuW3QABV
Request Chain 553
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=db7cc971-93d1-4a17-a6b0-85c622bcd599&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 555
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1694193100
Request Chain 556
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3760900185025154561
Request Chain 562
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 564
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=M8dNWjXHHwIowUlaPcMGCzfGGF8owUhYYMAFyHHA
Request Chain 566
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j_t_GGkPQoiuCsbKlG9gxg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 568
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3140327685 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
Request Chain 569
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTBnZk4tVVIyS0dTNTY1Z1BHaUFkMVhVdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4140809763479121200&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 570
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEZGQjdGMTgtNjkwRi00Mjg4LUFFMEEtQzZDQTk0NkY2MEM2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 571
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIMzSpV_ycM0mpG8ohl_b5Y&google_cver=1
Request Chain 574
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4140809763479121200
Request Chain 577
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3760900185025154561
Request Chain 578
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_75ca5860-979e-4169-98dd-81ffcbc19cb6&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=f4fbTHmHiRRkgd9McYOQHXuGjklkgd5OLID7cHl7
Request Chain 579
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28RSakdYfWiC2DpxzeeVBIlerG_zjGzWoj6CtucL6btlBBKQfS5FTD_fQGyscbUWWq%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28RSakdYfWiC2DpxzeeVBIlerG_zjGzWoj6CtucL6btlBBKQfS5FTD_fQGyscbUWWq%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_75ca5860-979e-4169-98dd-81ffcbc19cb6&obuid=ENC(RSakdYfWiC2DpxzeeVBIlerG_zjGzWoj6CtucL6btlBBKQfS5FTD_fQGyscbUWWq)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 580
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=d1bec83e-ec78-4290-9a24-124343790ab2
Request Chain 581
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Request Chain 582
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5iZullhE2pdBeSCYBlPM7JSck0x7uaIKY8iK~A
Request Chain 583
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=9b397b7b-55a9-497d-9fd0-c1e43691324f
Request Chain 585
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_75ca5860-979e-4169-98dd-81ffcbc19cb6&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=2xFihQz0CG1VhXno7DAr&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MTYIZUWQUL2GBBUOMKWNBMG43ZXIRAXEJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MTYIZUWQUL2GBBUOMKWNBMG43ZXIRAXEJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=2xFihQz0CG1VhXno7DAr&us_privacy=1---
Request Chain 587
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=P6Gd6EdmA5JA&ev=1&pid=558355
Request Chain 588
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8946434899746858978
Request Chain 591
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPoETAAAA_YxQgAb HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPoETAAAA_YxQgAb&gdpr=0&gdpr_consent=&_test=ZPoETAAAA_YxQgAb
Request Chain 595
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPoETcCo8X4AACpzH.UAAAAA
Request Chain 597
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Cix0reZyew2Q67YD2DF4&pi=gumgum&tc=1
Request Chain 598
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 600
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAAqfE7J9AkAADR3_pnOSA&partnerid=127&gdpr=0
Request Chain 601
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=db7cc971-93d1-4a17-a6b0-85c622bcd599&gdpr_consent=null&gdpr=0
Request Chain 603
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=1ec3787ab976a3cb5e6ece9f730d8d2a&gdpr=0&gdpr_consent=0
Request Chain 605
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 606
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6836324311
Request Chain 608
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-7623381214760645792 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/e40a76bf-24f4-52fa-a0ff-3237c405367b
Request Chain 610
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4140809763479121200
Request Chain 612
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/808512fffeb79772c24558d66314e91?gdpr_consent=&gdpr=0
Request Chain 624
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3760900185025154561&gdpr=0&gdpr_consent=
Request Chain 625
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VMsOgyCsWQpUjkTFq-chay2NmEk&gdpr=0&gdpr_consent=
Request Chain 626
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276132868161992847&gdpr=0&gdpr_consent=
Request Chain 629
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 630
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBcWZFN0o5QWtBQURSM19wbk9TQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAAqfE7J9AkAADR3_pnOSA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAqfE7J9AkAADR3_pnOSA&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAqfE7J9AkAADR3_pnOSA&gdpr=0
Request Chain 633
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 634
  • https://pixel.onaudience.com/?partner=214&mapped=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b9321129ed891f31/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 635
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjPiOinBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEJ6Hi-JNoRHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJDRiNDIwOGU5LTliODEtNGExYi1iOGZjLWQ5YWMwNmRlN2FlZQ** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=9e878be2-4da1-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee
Request Chain 636
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9011011357217791028&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 638
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU479c4aa557164e1184fefcee278ff4d5
Request Chain 639
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=962268519981634368
Request Chain 640
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5648828114216056122
Request Chain 642
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
Request Chain 643
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhRYXbbXRnQSRbMYb%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhRYXbbXRnQSRbMYb%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhRYXbbXRnQSRbMYb&gdpr=0&gdpr_consent=
Request Chain 645
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=10tjtl16pvuy
Request Chain 647
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fc84f475-72d4-4aa7-ac86-28b7d73433b1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 682
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=JP5CJ19KYVIzQVV4SEZuJTJCdmtxUU5BNFRmeHJ4aTdVb2hrWFg5Q09Ya1JkaWZkSVlmMk13TUQyQ1NjaUVWRjNpVHV1SFU0T0FqQldkYiUyRk8lMkZadUZuYzd5cEZzJTJCNFkzZE05V3dDWW5yQzBEdWVtQkJoSXZXUDNtTmE2c0ZtdEglMkZXMjY4cUtpQVgyZUxBdm51ajVZNHgyd21BNDJnJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=zK1zOHxMcnRKR01uWngwS2I3eTBXQTc2ajEzL250dnlGRTRoNXJwN1RQNTBIWVNWMVkvSkxqazk2QmlQOExldjJZeU44VlVFZkZ5VkY2QnRNZG9qUUphaGRyUTBQL2drTnpGNmVyQmxaTlN5VTdCRWdMUTBPU3l4TjNTU0xxbGpMZExPcCt2RjJ6WTBoNHdEMk1TQSs1V3FKQTkzMUxGSWJIV3hYUjNmd3J2SDVZKzZtblZEVFpBdWxMUExMWE51NlZHWDhmajRIcEdHWVNKM1hUQUQ1YW1MTy90VlVtUUNoZzdXa2cwK2locXYwRXlRaFZwd25DNldIWU1kZGZDaW0rMnRvdWhHYzRVZ2xtSm5CY1Y4RzNST0xqaUNyQWU3ZGhNM3l2YXgvMENYSW5Udz18&cppv=2

684 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
www.bg3.co/a/ 		53 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9c19acc20d3f4ccaa5940a0a7b0f1db7cf9e7d278faca4ff5ed80fcecf0f78e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 17:11:35 GMT
etag
"d35c-Sy7ATVnwnB15tynuQjgD4v6LzqU"
expires
Thu, 07 Sep 2023 17:26:35 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72941
x-xss-protection
0
server
sffe
etag
"1fd4dd9eff57c430"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Sep 2023 17:11:36 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9642
x-xss-protection
0
server
sffe
etag
"02dd63e520ffd2e6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Sep 2023 17:11:36 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7559
x-xss-protection
0
server
sffe
etag
"7e5f99ff05e5cd4c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Sep 2023 17:11:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
791a45f0f91d909dd93579e76424ca0ce4afce1c15aa834265ba027baaada045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29393
x-xss-protection
0
server
cafe
etag
680 / 19607 / m202308310101 / config-hash: 6414607385770146083
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:36 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 13:36:45 GMT
server
cloudflare
age
10532
etag
W/"64f9d1ed-a067"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
803092636ed64d5b-FRA
expires
Fri, 08 Sep 2023 02:16:04 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5354
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXLBfICZ7qboHqoFgbdpYHFf0xWE3RpKHm8pN4SbGAyXgF6I%2FLfXCBXv8DaZ%2FZvmFmZkLTXkmCFfkZa8PMa42wa%2B%2BBbu4mmHo5w9setoW3dz6XmrNJ8odTFJ94Z5t%2FuIRMSTIK0MlJZ3%2Bx2wiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
803092665a113636-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48D0) /
Resource Hash
3c0d9e37e84dce8c7cbdcf693b07b616bf8f1b6cfcba0eb651a159d8be031f8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-client-geo
DE
date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
gzip
age
36525
x-cache
HIT
x-client-device
desktop
content-length
10580
x-ap-device
MOBILE
last-modified
Thu, 07 Sep 2023 07:00:31 GMT
server
ECAcc (ama/48D0)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
BE
expires
Thu, 07 Sep 2023 18:11:36 GMT
adpushup.js
cdn.adpushup.com/42753/ 		662 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
94fbae877ac9ccf349fb9534c36b97a6e6bb6adeba86ea4cc285842b560e16cd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Thu, 07 Sep 2023 17:11:36 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Wed, 06 Sep 2023 22:24:57 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
server-timing
cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1694106696223_389027462_65157143_499_2525_12_27_146";dur=1
content-length
142558
expires
Thu, 07 Sep 2023 18:11:36 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		493 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3305d9b2061214470bc746e01ea00bcea7a4e86e94ac2714b3e8577de787f7ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
B7ESEqt9U0d0JJqnlCaJeGglIiWiYfbN
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
SA0Z9RT2MATY71G0
age
2662
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
13
x-amz-replication-status
FAILED
content-length
54601
x-amz-id-2
o8uv9Nx4yXJxN4uHTzq1s2apI4ap0OzzNJQIFGSshTBIpI7W9aUgESsFR77LdICG6zaCmw9r+/M=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Thu, 07 Sep 2023 16:27:14 UTC
server
nginx
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106696.213065,VS0,VE0
etag
"0f1380c4634f1b8c6a64079221161912047c8186"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
10
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
13
tr5
cdn.taboola.com/libtrc/ 		3 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=vignette-a-tag-fix-new-tab_var
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230090-FRA
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1694106696.236891,VS0,VE0
x-cache
HIT
content-type
text/html
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
impl.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.js
cdn.taboola.com/libtrc/ 		805 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
64ff6dba69f4f35ea24c53da8458668b0127c7ce40baebfb346454193495086f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
9Cuyi_HrNppXrUWw6R84bxSD9t5OS0XQ
content-encoding
br
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
QDTYGB5B8QEQYWNH
age
27057
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170464
x-amz-id-2
8sIqsn4I81wbVogAO/fFsx9lOZJbbl9foEmnMF11j1YLaBtnoh5qM2pmlyXKR+6ceMEreyTTEDU=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Mon, 04 Sep 2023 09:16:19 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106696.267992,VS0,VE0
etag
"33adf551cb707ab0d080ab1cacc4145f"
vary
Accept-Encoding
content-type
application/javascript
abp
71
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
583
545fbc80d952db4a0f83952a8d765724.jpg
static.bg3.co/imgs/202106/ 		0
0
2ecde61b66df9fc99652d8bfe5ddb3b9.jpg
static.bg3.co/imgs/202106/ 		0
0
7a9fe88b5ccdc97de705d8bbfa833ee6.jpg
static.bg3.co/imgs/202106/ 		0
0
a2e7d222b8132b7fa6e67bd8cfcf2c70.jpg
static.bg3.co/imgs/202105/ 		0
0
8042c6e453f144817eae32c47b73e39a.jpg
static.bg3.co/imgs/202105/ 		0
0
d81af19f5d041090503207739a0c20ef.jpg
static.bg3.co/imgs/202106/ 		0
0
846419d022b22e182ad63c2b5bc58cc7.jpg
static.bg3.co/imgs/202106/ 		0
0
726e89130b12023b1cff296f88d1b1ce.jpg
static.bg3.co/imgs/202105/ 		0
0
b68d7767991e2db04cc07d67b9671d64.jpg
static.bg3.co/imgs/202106/ 		0
0
87facebf7c431a970575026a55cdddc0.jpg
static.bg3.co/imgs/202105/ 		0
0
d6482785c8d5a6ab13320b391fa257d5.jpg
static.bg3.co/imgs/202106/ 		0
0
731068909b4178a6050d931e4768fdac.jpg
static.bg3.co/imgs/202106/ 		0
0
6eab09e1af673c7ffec478a773253e20.jpg
static.bg3.co/imgs/202106/ 		0
0
1917832900caf1f3448b6c3805e02bca.jpg
static.bg3.co/imgs/202106/ 		0
0
b51837c058299cc67d3f41d1a2e517d5.jpg
static.bg3.co/imgs/202105/ 		0
0
32a8bef54089b2b767229f85f2702040.jpg
static.bg3.co/imgs/202106/ 		0
0
7bda8216c4968643516ba028d38a6131.jpg
static.bg3.co/imgs/202105/ 		0
0
4099dd25ae053ec11c27a0c5a0617625.jpg
static.bg3.co/imgs/202106/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:30 GMT
age
170706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2968
x-xss-protection
0
server
sffe
etag
"20a8808a3fce3085"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:30 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
170705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23124
x-xss-protection
0
server
sffe
etag
"91fba5c7cd59114d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
871 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26ebac8b8d1247e5aa00ec53cd97a110c0b1edd887362c6d25ddab4570bb79f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
523
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
170705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3948
x-xss-protection
0
server
sffe
etag
"a02df160e36bd176"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
t.php
c.statcounter.com/ 		192 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=33ABA5B028154F066AF875511FE10E6A&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&t=%E6%B3%B0%E5%9C%8B%E9%AE%AE%E8%82%89%E6%AD%A3%E5%A4%AF%EF%BC%81%E3%80%8A%E4%B8%80%E5%B9%B4%E7%94%9F2%E3%80%8B%E8%A6%8B%E9%9D%A2%E6%9C%83%E5%8A%A0%E9%96%8B%E5%AE%89%E5%8F%AF%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=1363&sc_rum_e_e=1367&sc_rum_f_s=0&sc_rum_f_e=1258&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
803092645fb74d5b-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
17885
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Sep 2024 12:13:31 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1694106696.dop238.fr8.t,1694106696.cds292.fr8.hn,1694106696.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
309121
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		68 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=19%3A11%3A36.400&lti=vignette-a-tag-fix-new-tab_var&data=%7B%22id%22%3A960%2C%22ii%22%3A%22%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694013456733%2C%22vi%22%3A1694106696398%2C%22cv%22%3A%2220230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A13030%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%22%2C%22vpi%22%3A%22%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3138%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1851.3125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22vignette-a-tag-fix-new-tab_var%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e055a5e0424103cd7bb75920b7437ddb2ee52be85547cc32ca9d2d52596a2c7f

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
169
date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7284
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230090-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694106696.410073,VS0,VE169
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1694106696.dop238.fr8.t,1694106696.cds292.fr8.hn,1694106696.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:31 GMT
age
170705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10339
x-xss-protection
0
server
sffe
etag
"6b0a8d436e5c7ad3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:31 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:47:09 GMT
age
170667
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57751
x-xss-protection
0
server
sffe
etag
"df3f5bf96724b1a9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:47:09 GMT
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1694106696479_389027462_65157871_390_2140_12_26_146";dur=1
content-length
122286
expires
Fri, 06 Sep 2024 17:11:36 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
560 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694106696506_389027462_65157872_79_1635_12_0_146";dur=1
content-length
211
expires
Fri, 06 Sep 2024 17:11:36 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1694106696506_389027462_65157873_256_1969_12_0_146";dur=1
content-length
18371
expires
Thu, 07 Sep 2023 18:11:36 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQxMDY2OTY1MDAsInBhY2tldElkIjoiMDAwMEE3MDEtYWEzYWJlNDItMWYxYi00MGVlLWIyMzMtYzZkMTljYmM5MGJmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1ndW8teGlhbi1yb3UtemhlbmctaGFuZy15aS1uaWFuLXNoZW5nLTItamlhbi1taWFuLWh1aS1qaWEta2FpLWFuLWtlLWNoYW5nLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=1507.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1200:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Thu, 07 Sep 2023 03:41:04 GMT
Via
1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
48633
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
_vayYHClwn9SCqdItVa2YJYk5pvU1umb2yY3lislvjTgs8itDSGw5Q==
esp.js
cdn.id5-sync.com/api/1.0/ 		119 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
WHJWEXTY2JDTWEHF
age
2776
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
80309265ea866957-FRA
x-amz-id-2
QkmbjKdbZiX9w2b15vxYkzQcv4sC/WZEhMn9+ut/0lINEjbSTYnO96DOVZiZnegdYLFMphUpy2A=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39336
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2UIqn3XmRMvF7HuHSJouOkzuTb%2BdjF1QfQnsTLGRC72V2PQ%2BdBMnucCIRELNMC9co17CrX0x5P1m7MgJsz%2FfTA7D2wnu%2Fc8HytkMHECCB4oSaMhTlEDM6ZJ33m0tzdQFpoM%2FFHe0uqIbQ1bM9g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80309265e97436dd-FRA
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 08 Sep 2023 17:11:36 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:33:05 GMT
content-encoding
gzip
age
1114711
x-guploader-uploadid
ADPycdsJEoGEdACkPhEpLcadnh3aQlj77UDinvOmb6bbnYP4ZBIZ1c4FNa4dKEFL9W-lxAEBMvtWjPiKZu_LC3LquNuUVfFyLVER
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 24 Aug 2024 19:33:05 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1372508342392756&correlator=3342136234059781&eid=31076474%2C31077650&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694106696603&lmt=1694099496&adxs=220&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&vis=1&psz=760x0&msz=760x0&fws=4&ohw=1600&ga_vid=626269215.1694106697&ga_sid=1694106697&ga_hid=631426543&ga_fc=false&dlt=1694106695961&idt=617&adks=3605545259&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dcf4d8132f4d48811ea382ef098d65a7fec36ba4dfc68dc4643acff2b9096ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12518
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1CD2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:36 GMT
expires
Fri, 06 Sep 2024 17:11:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQxMDY2OTY2MTksInBhY2tldElkIjoiMDAwMEE3MDEtYWEzYWJlNDItMWYxYi00MGVlLWIyMzMtYzZkMTljYmM5MGJmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1ndW8teGlhbi1yb3UtemhlbmctaGFuZy15aS1uaWFuLXNoZW5nLTItamlhbi1taWFuLWh1aS1qaWEta2FpLWFuLWtlLWNoYW5nLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=1626.7000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQxMDY2OTY2MjMsInBhY2tldElkIjoiMDAwMEE3MDEtYWEzYWJlNDItMWYxYi00MGVlLWIyMzMtYzZkMTljYmM5MGJmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1ndW8teGlhbi1yb3UtemhlbmctaGFuZy15aS1uaWFuLXNoZW5nLTItamlhbi1taWFuLWh1aS1qaWEta2FpLWFuLWtlLWNoYW5nLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=1630.6000022888184
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQxMDY2OTY2MjYsInBhY2tldElkIjoiMDAwMEE3MDEtYWEzYWJlNDItMWYxYi00MGVlLWIyMzMtYzZkMTljYmM5MGJmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1ndW8teGlhbi1yb3UtemhlbmctaGFuZy15aS1uaWFuLXNoZW5nLTItamlhbi1taWFuLWh1aS1qaWEta2FpLWFuLWtlLWNoYW5nLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=1633.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		43 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1372508342392756&correlator=2144066789244288&eid=31076474%2C31077650&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694106696640&lmt=1694099496&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=626269215.1694106697&ga_sid=1694106697&ga_hid=631426543&ga_fc=false&dlt=1694106695961&idt=617&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_10_0_pv%26cluster_reporting%3Dchrome_DESKTOP_10_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c%26faid%3Dfalse&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
493aa280392641c42cbe54438f84131826910b2cdc38fe24a9220083732a8199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15464
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 18:19:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
82315
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13570
x-xss-protection
0
server
cafe
etag
8322348364393239614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 05 Sep 2024 18:19:41 GMT
block.jpg
delivery.adrecover.com/ 		631 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1694106696655
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F4) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Fri, 06 Sep 2024 17:11:36 GMT
date
Thu, 07 Sep 2023 17:11:36 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (ama/48F4)
age
1836372
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
DE
em-dividers.js
cdn.taboola.com/ui-ab-tests/em-dividers/ 		525 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/em-dividers/em-dividers.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eef130cd4b5772a252c5c9feda8c7910b5e1e52cfa27887886043ab266421fc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
sjeR0QHxVVhmbXj4Ta24d3lgzrgkEVFb
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
YQ4TQ7VSSE224A1W
age
13670
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
302
x-amz-id-2
fOQjiSpyw2Sl+1OFyh8EZCfLoaz4ZjwdJa5cuxXDGThxVKwbb/DwIZWvYcML3LSikHiATx/l+Hk=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Thu, 07 Sep 2023 13:04:44 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106697.663149,VS0,VE0
etag
"b61500489eba4791761a166933bed4be"
vary
Accept-Encoding
content-type
application/x-javascript
abp
92
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
5067
em-dividers.css
cdn.taboola.com/ui-ab-tests/em-dividers/ 		227 B
403 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/em-dividers/em-dividers.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
033718a2aa071240f6adb758d23ca70c8be35d1b2e94fa7c954e3fea0f784214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
5AkA33kr1wqaJzT5Gdn21Ilur1WaPXkm
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
YQ4QDF5A67NEYBCA
age
13670
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
121
x-amz-id-2
mqQfmRzKK9x0m5OwkJ2yndcIFPspD02KmjSt/DsqkmSHZZqNfL97c3as8JjrRUO1wm7lakBoKY0=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Thu, 07 Sep 2023 13:04:43 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106697.664396,VS0,VE0
etag
"ddefcd559750f79096b30cfed7078537"
vary
Accept-Encoding
content-type
text/css
abp
2
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
5058
taboola-vignette-new-scanning.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
639ad34fd7570ef82ee3aec55328e055a0d97475110315e6fb73093c1637535a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
SJvVBeNMp.fTNB086ZN9xyBJ4BMGNp5Q
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
7QHNKAGSYWHAJBAH
age
98
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
7905
x-amz-id-2
jMpFrkSO28Tq4RnQY2Zjko8flyoIAKcGHcK1GGer2jPA/RHcRpJr3Fu982HtQKDOqok/grjIo6Q=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Mon, 04 Sep 2023 09:16:50 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106697.691494,VS0,VE0
etag
"ea2d9d76e94f2b732cde44c1e415234b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2
distance-from-article.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a905790c2388b2111163868d43785e24f12daac870d5a2ede31720f5953aee45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
s9ZR9D38caBweqQ2hHa0TV_DVmYNbq6O
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
SAJMYX6Q781AM78X
age
39
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1195
x-amz-id-2
WWc4XUX3ZFjOxFMUUVbsNjCHrsHpFJPKP+2eYsB2zvonmr+sbKYXkBUpiGDmbZb5H3DhKWzxjE4=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Mon, 04 Sep 2023 09:16:21 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106697.708015,VS0,VE0
etag
"0d36d26d4a860f70d8284a9b0090044e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4
article-detection.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6f1b5e6c94bd7ebcab71ff2491e50e15fdfd3c55179e49c943e9799de9ba51c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
536WW_gST0rpFnb4kiDRlTNOV1uHRv4Z
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
TZRHZ5Z40YB7BEY8
age
66
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1349
x-amz-id-2
YFZAZerc7Ld/YUxRAZHZunKq06r782VN1ppqVCpkJpttNpM1yaGEoxyDAOmfeP+crXthsV10bow=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Mon, 04 Sep 2023 09:16:14 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106697.708458,VS0,VE0
etag
"c83524da302001a407f6648ee62c1113"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
86
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.0/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
115621
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
36498
x-served-by
cache-fra-eddf8230060-FRA
last-modified
Wed, 06 Sep 2023 09:01:32 GMT
server
AmazonS3
x-timer
S1694106697.726338,VS0,VE0
etag
"1865860838c0a4f202ab61510882ea01"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
MBwNQWWoasK9QdVBzfrJSMb4dGtXeyY63MWPfWLulxwQ0SOIpiRafA==
x-cache-hits
9879
feed-card-placeholder.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76fbe5ec8688b4bf9e59682f253b9ed6b099940edc8d9a4e8cc87fc65580bc20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
MRN433NZHUvEcWhcptYqaRZA2Imd7EgR
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
TZRTGAWZMY7W401X
age
70
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
1320
x-amz-id-2
ghB0ZHrRQOU5kDzYEsJeESUICjiurLrVB5RXab3OGh5Xf8jGuNoJCwQuiG935tRyi32Q/WRIocg=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Mon, 04 Sep 2023 09:16:26 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106697.711491,VS0,VE0
etag
"a1038286949ae24f299afe739c212bdf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
5
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
67
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106697.715584,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
87
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
96
userx.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c22a6ca09196e492cfc38961718ce3618d2b173af2119575f6854871aebfa080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
yLHhLq04NM4A.SeB8e_07F6RGt8GFvgN
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
TRHB622TY7V5GBZR
age
27
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
5460
x-amz-id-2
k6rQv9J2b9I6MQyVcRKs5GxeyFmtdAe/S5lH00sS11ZkGxIronbysdIVlGnCsqi7Tp14aDMWFCM=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Mon, 04 Sep 2023 09:16:54 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106697.717644,VS0,VE0
etag
"c6d57bcd5b902d8912384302732b40be"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2
explore-more.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93a8a756cb758f61727b2854db5120594f13922b4d271d1f5ffdfa63dbab62c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
1GZf4om5xrqVqHzHcRBDm8EkWif1jV8S
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:36 GMT
x-amz-request-id
TZRV0G78874E826R
age
72
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
8865
x-amz-id-2
mQKPIlOnGBcCKyiWBRAtaWuFGilgfBmsh8zSdc0Up0IKFA73A1wkVO2FxbMU+SZtdVsg/wEGrSo=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Mon, 04 Sep 2023 09:16:24 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106697.733776,VS0,VE0
etag
"2c755d87f7fcf1c24d511a6cae45c3dd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
72
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
4
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi2=5906&tvi50=12261&lti=vignette-a-tag-fix-new-tab_var&ri=7c51b48f0c7e0b2629e6234f170cf554&sd=v2_cbe4537d94978ad303075f3eb906d133_74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8_1694106696_1694106696_CNawjgYQ2YJdGM71goWnMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8&pi=/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&wi=-5536729040699307948&pt=text&vi=1694106696398&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1694106696692%7D&tim=19%3A11%3A36.692&id=4225&llvl=2&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi2=5906&tvi50=12261&lti=vignette-a-tag-fix-new-tab_var&ri=7c51b48f0c7e0b2629e6234f170cf554&sd=v2_cbe4537d94978ad303075f3eb906d133_74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8_1694106696_1694106696_CNawjgYQ2YJdGM71goWnMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8&pi=/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&wi=-5536729040699307948&pt=text&vi=1694106696398&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1694106696702%7D&tim=19%3A11%3A36.702&id=2041&llvl=2&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi2=5906&tvi50=12261&lti=vignette-a-tag-fix-new-tab_var&ri=7c51b48f0c7e0b2629e6234f170cf554&sd=v2_cbe4537d94978ad303075f3eb906d133_74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8_1694106696_1694106696_CNawjgYQ2YJdGM71goWnMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8&pi=/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&wi=-5536729040699307948&pt=text&vi=1694106696398&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A11%3A36.734&id=6829&llvl=2&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A11%3A36.736&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=2082&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&lt=vignette-a-tag-fix-new-tab_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15417
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A11%3A36.737&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=6858&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&lt=vignette-a-tag-fix-new-tab_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15417
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A11%3A36.743&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=7349&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&lt=vignette-a-tag-fix-new-tab_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15417
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A11%3A36.744&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=3510&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&lt=vignette-a-tag-fix-new-tab_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15417
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A11%3A36.749&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9020&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&lt=vignette-a-tag-fix-new-tab_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15417
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:30 GMT
age
170706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32129
x-xss-protection
0
server
sffe
etag
"d5ab003501cb3fb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:30 GMT
nameframe.html
d-14513259571470306939.ampproject.net/2308242321000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-14513259571470306939.ampproject.net/2308242321000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQxMDY2OTY2MTksInBhY2tldElkIjoiMDAwMEE3MDEtYWEzYWJlNDItMWYxYi00MGVlLWIyMzMtYzZkMTljYmM5MGJmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3RhaS1ndW8teGlhbi1yb3UtemhlbmctaGFuZy15aS1uaWFuLXNoZW5nLTItamlhbi1taWFuLWh1aS1qaWEta2FpLWFuLWtlLWNoYW5nLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=1768.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
8d5c885b910310f68b7540553d98ada5.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_870%2Cw_1160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_870%2Cw_1160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d5c885b910310f68b7540553d98ada5.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7350c966d4d572786ce6e75b04f9e1f164329e5737d9d63b9382e456eb2343ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
7
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_870%2Cw_1160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d5c885b910310f68b7540553d98ada5.jpeg
age
2013416
edge-cache-tag
583751298338129046630311200708301120160,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
583751298338129046630311200708301120160,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
456
req-referer
https://www.fitrechner.de/
content-length
42020
x-request-id
d56c3bb2705c05c28b38b66117c946ea
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200075-IAD, cache-iad-kcgs7200062-IAD, cache-lax10630-LGB, cache-iad-kjyo7100147-IAD, cache-fra-eddf8230090-FRA
last-modified
Tue, 15 Aug 2023 08:07:56 GMT
server
nginx
x-timer
S1694106697.799468,VS0,VE7
etag
"4fc0e13c8e06b09a4d07d0b6e7e2514d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
8d5c885b910310f68b7540553d98ada5.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d5c885b910310f68b7540553d98ada5.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53039d469b6ad5471389eb0bf9016e90890e766f076f0ebbdd79b5ec289252b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
13
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d5c885b910310f68b7540553d98ada5.jpeg
age
2018658
edge-cache-tag
583751298338129046630311200708301120160,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
583751298338129046630311200708301120160,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
228
req-referer
https://marketing.walla.co.il/
content-length
27222
x-request-id
679788b0a516c9ea140b5d754eacf5ab
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200055-IAD, cache-iad-kcgs7200068-IAD, cache-lga21930-LGA, cache-iad-kjyo7100154-IAD, cache-fra-eddf8230090-FRA
last-modified
Tue, 15 Aug 2023 08:07:56 GMT
server
nginx
x-timer
S1694106697.799833,VS0,VE13
etag
"4d3c625661b558009897104c9c149114"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 10, 1
437b89a606b4823e1f1fadb6ebcffded.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/437b89a606b4823e1f1fadb6ebcffded.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f0c8f434c3c522626918fdf83df4bbffabf2d0117c028eb8d1332d9367d652c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/437b89a606b4823e1f1fadb6ebcffded.jpg
age
1326396
edge-cache-tag
553825848696696465170921199449911255549,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
553825848696696465170921199449911255549,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
90
req-referer
https://news.walla.co.il/
content-length
37604
x-request-id
74839e596ecb5309c9059add96eeeeca
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100073-IAD, cache-iad-kiad7000144-IAD, cache-iad-kcgs7200062-IAD, cache-fra-eddf8230090-FRA
last-modified
Tue, 08 Aug 2023 20:08:18 GMT
server
nginx
x-timer
S1694106697.799761,VS0,VE1
etag
"4296cf54b1908837ed1b2b1bac82f6da"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 49, 1
cbe14f10b53a5c76f23db44131da3bd6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbe14f10b53a5c76f23db44131da3bd6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3b533fcdeceaa905a7b2da2e2d55dd2ac0b2968c0ea247fd6ab2076f2f3bfbca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbe14f10b53a5c76f23db44131da3bd6.png
age
1485233
edge-cache-tag
493293548255573526550210188951487162204,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
493293548255573526550210188951487162204,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
497
req-referer
https://flytant.com/
content-length
20794
x-request-id
39b616c1a5ad2f4d350a9ed7bf471866
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100024-IAD, cache-iad-kiad7000153-IAD, cache-lax10625-LGB, cache-iad-kjyo7100149-IAD, cache-fra-eddf8230090-FRA
last-modified
Mon, 21 Aug 2023 08:04:35 GMT
server
nginx
x-timer
S1694106697.799804,VS0,VE0
etag
"0fdf5d087bb5ba2f27487c2dc3b51ba8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 20, 5
12a66ad1d8214d74738111fd7deb622e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12a66ad1d8214d74738111fd7deb622e.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d3881446be932a5a13add10588407b357cce58dec8447c356a53ea378f48694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12a66ad1d8214d74738111fd7deb622e.jpeg
age
1155564
edge-cache-tag
568189732116587821775004108406990402459,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
568189732116587821775004108406990402459,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
197
req-referer
https://www.tippsundtricks.co/
content-length
32082
x-request-id
3ed838fe18b95ef507f1beee03e7ba33
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100148-IAD, cache-iad-kjyo7100148-IAD, cache-sna10745-LGB, cache-iad-kiad7000066-IAD, cache-fra-eddf8230090-FRA
last-modified
Wed, 23 Aug 2023 09:42:27 GMT
server
nginx
x-timer
S1694106697.808325,VS0,VE2
etag
"905ac9ad66d1494819c5f0bc192b28e0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 5, 1
e3d1eeedc2769f0cef1d930632f61c59.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3d1eeedc2769f0cef1d930632f61c59.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
abc9cd11a9e44ca6d67c066c2e1fc0bf277de892accbcb55dea7876a5b968e36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e3d1eeedc2769f0cef1d930632f61c59.png
age
1586810
edge-cache-tag
300626314472022618972066278203516031780,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
300626314472022618972066278203516031780,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
133
req-referer
https://www.freenet.de/
content-length
29208
x-request-id
d112fc2245269a351624bacccc027183
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000119-IAD, cache-iad-kiad7000170-IAD, cache-iad-kjyo7100044-IAD, cache-fra-eddf8230090-FRA
last-modified
Thu, 27 Jul 2023 17:47:29 GMT
server
nginx
x-timer
S1694106697.808418,VS0,VE1
etag
"43e724733838fea6f9963b6e02006141"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
fe91d8cbdda71fc208e75bb9dfb9cd93.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe91d8cbdda71fc208e75bb9dfb9cd93.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8ba4d0c7bb96b7ba43d942c0a9d4e988c7ca26152f6595e5b85004386e207c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe91d8cbdda71fc208e75bb9dfb9cd93.png
age
3838989
edge-cache-tag
338727417614195939060249909528942215183,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
338727417614195939060249909528942215183,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
226
expiration
expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
29464
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000032-IAD, cache-iad-kcgs7200057-IAD, cache-sna10724-LGB, cache-iad-kjyo7100111-IAD, cache-fra-eddf8230090-FRA
last-modified
Sat, 15 Jul 2023 11:46:52 GMT
server
nginx
x-timer
S1694106697.813950,VS0,VE0
etag
"9d36e1067b0ce85dc936db1f2cb39a57"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 286, 3
8d5c885b910310f68b7540553d98ada5.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d5c885b910310f68b7540553d98ada5.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c28eb52d373bb06b1293c3ebd5e846e6b5817c670a935f484bc9f7d46e4c1a91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d5c885b910310f68b7540553d98ada5.jpeg
age
2018672
edge-cache-tag
583751298338129046630311200708301120160,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
583751298338129046630311200708301120160,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
613
req-referer
https://www.t-online.de/
content-length
31148
x-request-id
429f0d0f650858b106ae8a05e1c3337f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000064-IAD, cache-iad-kcgs7200041-IAD, cache-sna10730-LGB, cache-iad-kjyo7100053-IAD, cache-fra-eddf8230090-FRA
last-modified
Tue, 15 Aug 2023 08:07:56 GMT
server
nginx
x-timer
S1694106697.822036,VS0,VE1
etag
"d22bc207a6df8c4dc3e5e2d7a039bad1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 164, 1
437b89a606b4823e1f1fadb6ebcffded.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/437b89a606b4823e1f1fadb6ebcffded.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8fd1ff06f0cbd553dedcfefafb3dff64e75f95240ae1368ee6d2c1d1d6d60572

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/437b89a606b4823e1f1fadb6ebcffded.jpg
age
2697358
edge-cache-tag
553825848696696465170921199449911255549,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
553825848696696465170921199449911255549,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
286
expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
121476
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000138-IAD, cache-iad-kcgs7200140-IAD, cache-sna10735-LGB, cache-iad-kcgs7200109-IAD, cache-fra-eddf8230090-FRA
last-modified
Wed, 12 Jul 2023 09:51:01 GMT
server
nginx
x-timer
S1694106697.822324,VS0,VE1
etag
"f1b569918514d9597a378f7134726cd7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 18, 1, 13, 1
12a66ad1d8214d74738111fd7deb622e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12a66ad1d8214d74738111fd7deb622e.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
007d31f73b2fad3f874c86e07743a7de6363a9d9a5ef57474ad3045d54e84030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12a66ad1d8214d74738111fd7deb622e.jpeg
age
1155671
edge-cache-tag
568189732116587821775004108406990402459,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
568189732116587821775004108406990402459,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
246
req-referer
https://www.t-online.de/
content-length
36082
x-request-id
308fdfb396950a4e31ec807bb22f6fbc
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000051-IAD, cache-iad-kjyo7100136-IAD, cache-iad-kiad7000068-IAD, cache-fra-eddf8230090-FRA
last-modified
Wed, 23 Aug 2023 09:42:27 GMT
server
nginx
x-timer
S1694106697.822535,VS0,VE1
etag
"6dc7f16f1775bda0151b05a10690e5b6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1
cbe14f10b53a5c76f23db44131da3bd6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbe14f10b53a5c76f23db44131da3bd6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f5f75bdda356e9ce00c17c1cad88c6064fb2cffdd291a4029eb74dbc35c0b07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cbe14f10b53a5c76f23db44131da3bd6.png
age
1485479
edge-cache-tag
493293548255573526550210188951487162204,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
493293548255573526550210188951487162204,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
208
req-referer
https://www.t-online.de/
content-length
58572
x-request-id
d24d2f0fc62c4ae7441bcc2a82d55ff9
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100088-IAD, cache-iad-kjyo7100088-IAD, cache-sna10745-LGB, cache-iad-kcgs7200037-IAD, cache-fra-eddf8230090-FRA
last-modified
Mon, 21 Aug 2023 08:04:35 GMT
server
nginx
x-timer
S1694106697.822549,VS0,VE0
etag
"970715c349fa76f402c0f8c9c49ad0af"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 1, 3
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 14 Sep 2023 17:11:36 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230907
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04a42cbe9a6dd17d6cf3d91423b737b86978d0e6c89af47c15eb483b95dd03c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4242
x-jsd-version
1.0.1805
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7020-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-GwcUUHsE0TI1eRkE0LsE6H5eMI8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FGH6qKolMPX%2FM3FWPtMibWtO7pW7ff9QPSEPGebuDhx0PdIZL20zp6z9tty2y%2By3LOLpXOx8kRzLXouXDUuS7R8WD3zHBLXb5Zo4SusK5WTSjNVbTktZCtSLW%2F9mNc87ktvG8JtVC5XMT%2FjFnA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
803092675a3a91de-FRA
adreq
ads.servenobid.com/ 		723 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3523
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0b10180887c43fe8adf9e0042338deafea681a662ef6f561799fd3677ea489df

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.200.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
812231f393f41dc6ffb8245a1ae5f620d6e900b1346750906f0fc530c56ee079

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 07 Sep 2023 17:11:37 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
pbjs
htlb.casalemedia.com/openrtb/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788a0a1fe12bca350a4833fec7709e01fb9e6c402863324086316c4981c45268

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMaG7uySb7M3pBiANjtuEzqS%2FaSqv59YJN0p1uCjubxHnepdf9XqdD1%2FRnU%2B4wVObeM%2FFchNSyHfHKXkarh82LCPNwSnQsHjlldaqbdy4ItXXRfYk2jPvtC2XJP0xZnVrfcgU2Gv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
803092679ff7921d-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f902fe7278249793a4678e00da54f85dde297a08b4865d56814d9aa88c6e4d

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpffNi1RPLw9CG4%2BpPVFTp6WEhD77xCdM8yxrgZFCTBN0UXWC3bXDYJKvqGJa5gwxg7TSZ65GyYBYhuXRUcWg9lrI45KY10SG4E%2BemSk6GcMiYXbr8hVTonGi%2FbikCN6nvujLHCp"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
803092679ff8921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f902fe7278249793a4678e00da54f85dde297a08b4865d56814d9aa88c6e4d

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HggJ57Zp%2B%2FzuypAJtRthWmSW5dgO0Qjn0kPDy3tv8AOTP1UMbI15PVD%2FuAbhiQpCkZCW7uzfawVedGPS2tAayZxv4Z0kNgq6ocj2R6f9uboTkUYohPb0wi8ClaOZZDXZBs2pzYyX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
803092679ff9921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
279
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
3
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
0fb7485090b82399e9e24e36127c755bb9f76a0e498a5708f6891303994b2772

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 17:11:36 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.206.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-206-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
accept-ch
sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		250 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a6bd14372c2f74d0ba53d35cabfed3c07491fc35d7d33a56ea5730a57eaa3724
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
an-x-request-uuid
c6e15270-223e-4c5d-8aad-b408047672bc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.73; 45.141.152.73; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 07 Sep 2023 17:11:37 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=48555980400&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
65ca7c515068a33e46243dc642808e29be6705bdb0d4d15ad35ebf48dcf81f7f

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.128.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=bd181a34-b3b4-4fb7-a112-bf73d2cc0f84%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E6%B3%B0%E5%9C%8B%E9%AE%AE%E8%82%89%E6%AD%A3%E5%A4%AF%EF%BC%81%E3%80%8A%E4%B8%80%E5%B9%B4%E7%94%9F2%E3%80%8B%E8%A6%8B%E9%9D%A2%E6%9C%83%E5%8A%A0%E9%96%8B%E5%AE%89%E5%8F%AF%E5%A0%B4&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=b72673ca-e034-4088-b98c-bfb5a0e48ce8%3B16f2f93b-d219-4733-b297-0803067179ba&l_pb_bid_id=61f72c3d5092deb%3B625acf13dcee2a4&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b72673ca-e034-4088-b98c-bfb5a0e48ce8%3B16f2f93b-d219-4733-b297-0803067179ba&rp_maxbids=1&slots=2&rand=0.376840747058647
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ddd27bdc1bf1af858b2e41de8455b62f90e580a1d7dc854eca40029fc126c3b7

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca964041c17f04846df306bc795dc27e65422bb63340004ccdf96b2901093c3

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 07 Sep 2023 17:11:36 GMT
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 17:11:36 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80309267ba259177-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
80309267ba289177-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
628 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13607
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wwA0trbceklZo4rNqVzcAzXs0jjhq8Z4DkBHNhQXHF6rYxP%2F4P3z91MzSzz3FM4j3V23AhXnBQYjQl7n5AcpePPk3obLRPDp3lrrbclw5o7HgnQ1s4stzDb17alfCWQqxd8XCyKE95%2B2PUOXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
803092679c013636-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
08421f6131f6a1f52003fabef0d6ff654e6217906eb4322bfca0375fc2e657e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:37 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
08421f6131f6a1f52003fabef0d6ff654e6217906eb4322bfca0375fc2e657e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:37 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
view
securepubads.g.doubleclick.net/pcs/ Frame 6944 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAELMAY9D0qZmbmFD8ik0QwXiob84rP-9j5cxaO1kIwDP3zWsAOZchWAkQ9WILvj_WmldqmZqRoq7-OOGE6U1KdAb-QZJsR8G9j8oG7TMUVfvgCqepqmcn0pRkyzHFVpuVL6a_rl_y1oPhdTV4OwiyYOSnouF-DObzVQkaTEdqvc-u5f8_M-0-x1NEK6HPWNszjrwNQ2PXPvoTThRrAVik6PMtn2xhw8T2k8QBeOkHzF7sgJZFL_hbovl4aCrbuRBQ8h3grBSJ68QnXbHaqq-t6PQsno2LnXU2nY_wx6Di5crahwybxjc2CSyJpAIanJWZZ6Cn&sai=AMfl-YSocIGYtdeKFfVw5h4mTVWdS0BlX62zX-UrOqE72LdBMRaYA-iSw0XIon-1zGyYxXn0fghK6nB2w6CE4x6sAv_h2SiMDT_TUd3I8OOa80B7J1DyKkp-gRKVabDB3CvHlvakHMMePFp2HWwBqOM&sig=Cg0ArKJSzCdg-LKRQFnWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Sep 2023 17:11:36 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 07 Sep 2023 18:11:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6944 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:36 GMT
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.23774440281470777&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.08640083529510378&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&rid=esp&cc=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
ac7a6fb515f97d3997833bba9a67578ac81e5897f8a9daca6fb1a31de783dadf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-Ep/RIgnBZ0MZLjJJ/0vAcBXZ6b8"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 07 Sep 2023 17:11:37 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.bg3.co
location
/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame 126F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:36 GMT
server
Kestrel
server-processing-duration-in-ticks
300539
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi2=5906&tvi50=12261&lti=vignette-a-tag-fix-new-tab_var&ri=7c51b48f0c7e0b2629e6234f170cf554&sd=v2_cbe4537d94978ad303075f3eb906d133_74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8_1694106696_1694106696_CNawjgYQ2YJdGM71goWnMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8&pi=/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&wi=-5536729040699307948&pt=text&vi=1694106696398&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22366.828125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A11%3A36.993&id=5439&llvl=2&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi2=5906&tvi50=12261&lti=vignette-a-tag-fix-new-tab_var&ri=7c51b48f0c7e0b2629e6234f170cf554&sd=v2_cbe4537d94978ad303075f3eb906d133_74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8_1694106696_1694106696_CNawjgYQ2YJdGM71goWnMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8&pi=/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&wi=-5536729040699307948&pt=text&vi=1694106696398&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A823%7D%22%2C%22eventTime%22%3A1694106696994%7D&tim=19%3A11%3A36.994&id=9076&llvl=2&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=19%3A11%3A37.002&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3769&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&lt=vignette-a-tag-fix-new-tab_var&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14096
increment
id5-sync.com/api/esp/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 16:18:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 17:11:37 GMT
spa-detector.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82698489a2ed83e016387da8061c428a5c15c9d0bfe0ae83e22ee426b3f45d6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
11sHjNmExP8pq19s9FA.y8RypFyCetxZ
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 17:11:37 GMT
x-amz-request-id
BPSA5MV9NX97BE68
age
7
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
842
x-amz-id-2
I/xOZSx97Nj3VPt99bNgFjAnfj0uu88eE2ysPxF7chMn09p4P2CbE+m9tZBbLItLaZ/YuUXWcGo=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Mon, 04 Sep 2023 09:16:41 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694106697.018885,VS0,VE1
etag
"21e1ab53109eaa6206d918c3ceab822f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi2=5906&tvi50=12261&lti=vignette-a-tag-fix-new-tab_var&ri=7c51b48f0c7e0b2629e6234f170cf554&sd=v2_cbe4537d94978ad303075f3eb906d133_74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8_1694106696_1694106696_CNawjgYQ2YJdGM71goWnMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8&pi=/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&wi=-5536729040699307948&pt=text&vi=1694106696398&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A11%3A37.009&id=1789&llvl=2&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi2=5906&tvi50=12261&lti=vignette-a-tag-fix-new-tab_var&ri=7c51b48f0c7e0b2629e6234f170cf554&sd=v2_cbe4537d94978ad303075f3eb906d133_74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8_1694106696_1694106696_CNawjgYQ2YJdGM71goWnMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8&pi=/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&wi=-5536729040699307948&pt=text&vi=1694106696398&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1694106697016%7D&tim=19%3A11%3A37.016&id=7964&llvl=2&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi2=5906&tvi50=12261&lti=vignette-a-tag-fix-new-tab_var&ri=7c51b48f0c7e0b2629e6234f170cf554&sd=v2_cbe4537d94978ad303075f3eb906d133_74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8_1694106696_1694106696_CNawjgYQ2YJdGM71goWnMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8&pi=/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&wi=-5536729040699307948&pt=text&vi=1694106696398&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A11%3A37.018&id=5846&llvl=2&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi2=5906&tvi50=12261&lti=vignette-a-tag-fix-new-tab_var&ri=7c51b48f0c7e0b2629e6234f170cf554&sd=v2_cbe4537d94978ad303075f3eb906d133_74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8_1694106696_1694106696_CNawjgYQ2YJdGM71goWnMSABKAEwODib4wlAiIoQSNa42QNQ____________AVgAYABom4_D7OWo_MhscAA&ui=74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8&pi=/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&wi=-5536729040699307948&pt=text&vi=1694106696398&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1694106697019%7D&tim=19%3A11%3A37.020&id=6506&llvl=2&cv=20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 16:17:17 GMT
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3261
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
oHcmwqwYlFN57jrrL13bCP8l_KzK4KquuDUzWOjUmfr2S5zR7lBapw==
sid
mug.criteo.com/ Frame 126F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=fDJn5HxEZzhVZWZJKytRZkhSRmRjZEYzbnB1UUdwWm90ekcrbVQzU2ZiQ3R6TUFPODJhR21EYlVMeURqTXN6MVJwN3ZBQzk1TDU4VlZEMHRrb3ZjQkg5WXZmSUg2V2IxMTFQa0krTEc0MWZmejlSNjM0SGIrQzFLOTkwK1...
427 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fDJn5HxEZzhVZWZJKytRZkhSRmRjZEYzbnB1UUdwWm90ekcrbVQzU2ZiQ3R6TUFPODJhR21EYlVMeURqTXN6MVJwN3ZBQzk1TDU4VlZEMHRrb3ZjQkg5WXZmSUg2V2IxMTFQa0krTEc0MWZmejlSNjM0SGIrQzFLOTkwK1ZZQmFMZHBDbStPM2NpZWxUY0RjM0tJTFFjK3p0bXdMcVVwSDZwaVpSS1k4WDBqNllKWmtYMlh4SUxSTmFVaU42azBoVTFKb0UxdEtwYXEzdHBhMFczN09CNUJjY2NLSUNaKytSbUpnZXcxY1ZlR3o0bi95MFU2cXgrL2hXZVljZWE3M2cxUER5Rko5Vm1aT0FiMUFjNkJMU0c1S0JMZz09fA&cppv=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
47e4bf16e0562d31e6a76c3863aac0552c44bb318b2553b37e0da2adaab44ab2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1329287
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=fDJn5HxEZzhVZWZJKytRZkhSRmRjZEYzbnB1UUdwWm90ekcrbVQzU2ZiQ3R6TUFPODJhR21EYlVMeURqTXN6MVJwN3ZBQzk1TDU4VlZEMHRrb3ZjQkg5WXZmSUg2V2IxMTFQa0krTEc0MWZmejlSNjM0SGIrQzFLOTkwK1ZZQmFMZHBDbStPM2NpZWxUY0RjM0tJTFFjK3p0bXdMcVVwSDZwaVpSS1k4WDBqNllKWmtYMlh4SUxSTmFVaU42azBoVTFKb0UxdEtwYXEzdHBhMFczN09CNUJjY2NLSUNaKytSbUpnZXcxY1ZlR3o0bi95MFU2cXgrL2hXZVljZWE3M2cxUER5Rko5Vm1aT0FiMUFjNkJMU0c1S0JMZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
222276
content-length
0
expires
0
truncated
/ Frame 6944 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
651c046e442226b5e750c861cb6e260f2f5843ff21556b75af53cf0b94ee0311

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6944 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsvE_7hzahT4pquRdMXAJpKqR3OgJo44O1bETHS1JDWfp2NK5aApBkanE80rmAqcCKN_2g-8Oz4lDHfy9aVDW1DhKwbbYewcP0sBg_vSKiL9DyLefjfgdk3fl5WwgSEnIn6I03cleZcETOUdI_kQHgcf_T3e7vNY7t5c3AmWCJYHIF9SxO7ynimJoQwhiWw3rDKQNgdVgFDz4o9jia9rYr-NHNlV8dX0DgJZw_OdACWw3f5BRrWx3X5fjALd3doTLWCncjDG9N8GbrdGOqootltDokwz1rip7KOTNzJr_UtB2PH2_I3GLgPdyRHTL301ICQ3HdthQ&sai=AMfl-YQY2f7zdxhu4d_uya757D0pydyYlx-XWaS1aFKINY6_AabAwm2vo72CD-57xhJHiNLnZskd_KNJkI-0Hy0CMRQG9vUwnX0XYEPW2u3n3s0i3Fnd0sPYDbgxH-tXDKCyT1b3SeWdaNDfg5ZbnIk&sig=Cg0ArKJSzLScNCuGx86REAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Sep 2023 17:11:37 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:46 GMT
age
170691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"13417016125ec007"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:46 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c426 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16538
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Sep 2023 12:35:59 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO7LJZUFQvfqJLiufJrA4tKLKv5Vd28ocuzPG4SKb42oR3XtkNDdcwoXL0JPxYUN2pKiqPs063FyuKyQQ9z6PAo9E2pEgKkWavnFpjrvGLCYimdsgTdzAOq5%2BCb8DjzR7rjeceZrzDyK4ErInX%2B27IJtha36r5vcVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
803092692fa091e3-FRA
gtag.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		3 KB
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:34 GMT
age
170703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"2053776e7f80c73d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:34 GMT
impress
ad.vidverto.io/delivery/ 		53 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&referrer=&async=1&uid=5529912529&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b049468efa78d9ca1eecc70fb758c12964baad2d0f14ffdae89dfecc468e9617

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
container.html
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E24 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:36 GMT
expires
Fri, 06 Sep 2024 17:11:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel;r=313692876;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=313692876;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1795573214-1694106697051;pbc=bd181a34-b3b4-4fb7-a112-bf73d2cc0f84;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1694106697164;tzo=-120;ogl=;ses=2f068f15-fb39-4bfc-9007-7e361d443322;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
css2
fonts.googleapis.com/ Frame 3E24 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 16:17:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 17:11:37 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BA41 		624 B
689 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtZEVPdlxAoHfI5kT0tUcraM_3-llkwb6e5YJNeHjhBjBq2RW1HNpwWr3qm50V43h94Gy44reYQpvjudyTJ2WZFwewQzPeO9DOzfoZwRfsXU5g2yBDB0MNvLrPSU9E8V_hb5_oBOBp6wLRcijS1IH5ATeEUh0nb3JWluAvw_SlBylqu5hy4rgO_MZfFTJhcSNTw5St7rVxxH_cJrlxS2CIJpdK4A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:37 GMT
expires
Thu, 07 Sep 2023 17:11:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0406 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 0406 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 0406 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0406 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0406 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqMj7KjUlcJk5ZvioPI2KsucdaMb_4-3whXu1AaMx37Q_QUEiNGvr5625AckNy2DIpSQpx1ZeVAJkAOpFXfphjjJTnRoOrzTtZdJB-h5vHShWp5J8
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0406 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3968244689812450655&x=1&ct=76
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 3E24 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:08:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
10988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:08:29 GMT
/
onetag-sys.com/usync/ Frame E238 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
moxplayer.css
ad.vidverto.io/js/moxplayer/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-cbf7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 07 Sep 2023 18:11:37 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13c151da3c1ba1beea84e45b9a7f92f2b553c26c07615626a55745d5595cd42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126089
x-xss-protection
0
expires
Thu, 07 Sep 2023 17:11:37 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 07 Sep 2023 18:11:37 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 17:10:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6442c381-edf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 07 Sep 2023 18:11:37 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4dd0d73d5ecadb5b80d3e5a901564b14a90d3436e11f860795ab53098f24b1b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2023 12:02:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64ec8cd7-15d84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 07 Sep 2023 18:11:37 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 07 Sep 2023 18:11:37 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		280 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0eabf223abecabda52f55a16a73a20e2465beacb8811cdb8d129b4e8378937b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
last-modified
Thu, 07 Sep 2023 17:02:00 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fa0208-461ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 07 Sep 2023 18:11:37 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D26e45e69-d69c-4cea-bc83-bb1432635afe%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=26e45e69-d69c-4cea-bc83-bb1432635afe&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=26e45e69-d69c-4cea-bc83-bb1432635afe&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=26e45e69-d69c-4cea-bc83-bb1432635afe&p_id=23
date
Thu, 07 Sep 2023 17:11:37 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=26e45e69-d69c-4cea-bc83-bb1432635afe&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=26e45e69-d69c-4cea-bc83-bb1432635afe&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee&p_id=15
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee&p_id=15
date
Thu, 07 Sep 2023 17:11:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.213 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-213.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Thu, 14 Sep 2023 17:11:37 GMT
amp
www.googletagmanager.com/gtag/ 		684 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5942&cid=amp-kaFzOgCJwih38lmzGTyJNg&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&dr=&dt=%E6%B3%B0%E5%9C%8B%E9%AE%AE%E8%82%89%E6%AD%A3%E5%A4%AF%EF%BC%81%E3%80%8A%E4%B8%80%E5%B9%B4%E7%94%9F2%E3%80%8B%E8%A6%8B%E9%9D%A2%E6%9C%83%E5%8A%A0%E9%96%8B%E5%AE%89%E5%8F%AF%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1694106697&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-kaFzOgCJwih38lmzGTyJNg&aip=1&sid=1694106697&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BA41
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHjKClSnyY1dm4EpcEZxgg&google_cver=1
43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHjKClSnyY1dm4EpcEZxgg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtZEVPdlxAoHfI5kT0tUcraM_3-llkwb6e5YJNeHjhBjBq2RW1HNpwWr3qm50V43h94Gy44reYQpvjudyTJ2WZFwewQzPeO9DOzfoZwRfsXU5g2yBDB0MNvLrPSU9E8V_hb5_oBOBp6wLRcijS1IH5ATeEUh0nb3JWluAvw_SlBylqu5hy4rgO_MZfFTJhcSNTw5St7rVxxH_cJrlxS2CIJpdK4A
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTSjQ6sqUR5s%2FP%2FBI2o9dsKm6gou7LoZVcL3iI5rHtm1A6Y%2Bg0VC3U5Ia0tDgrJw%2FZB8EZ4maYWWcddLDryNZVSys866CnrbNE%2Bfwrmd8NA%2FJHPY3IV17XexPAzs5i%2BxVMz5jJNoO8zcUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8030926a5ad3921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHjKClSnyY1dm4EpcEZxgg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BA41
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPoESROoojD1qnDOJ6gotAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHjKClSnyY1dm4EpcEZxgg&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHjKClSnyY1dm4EpcEZxgg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtZEVPdlxAoHfI5kT0tUcraM_3-llkwb6e5YJNeHjhBjBq2RW1HNpwWr3qm50V43h94Gy44reYQpvjudyTJ2WZFwewQzPeO9DOzfoZwRfsXU5g2yBDB0MNvLrPSU9E8V_hb5_oBOBp6wLRcijS1IH5ATeEUh0nb3JWluAvw_SlBylqu5hy4rgO_MZfFTJhcSNTw5St7rVxxH_cJrlxS2CIJpdK4A
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dg1cp%2BxRezgyYmmLJr74yP6uzQRHahiI2nJ9gfiGQkwQ7apWyz5nT6tuq6g%2Bpw3DKwdanFQ4WdJl0zMVss67BGKQdj7XhcRQniNl9Lfynrj7jLUwoiZ6%2BkpI%2FZBGiZ%2F9sdd8sEomHe8k0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8030926af8f8373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELHjKClSnyY1dm4EpcEZxgg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame BA41
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEH54CWjxfHdsvt3Z-Y4XsZM&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEH54CWjxfHdsvt3Z-Y4XsZM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtZEVPdlxAoHfI5kT0tUcraM_3-llkwb6e5YJNeHjhBjBq2RW1HNpwWr3qm50V43h94Gy44reYQpvjudyTJ2WZFwewQzPeO9DOzfoZwRfsXU5g2yBDB0MNvLrPSU9E8V_hb5_oBOBp6wLRcijS1IH5ATeEUh0nb3JWluAvw_SlBylqu5hy4rgO_MZfFTJhcSNTw5St7rVxxH_cJrlxS2CIJpdK4A
Protocol
H2
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
an-x-request-uuid
e8a33818-134b-43d4-8d57-131496fd85b6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.73; 45.141.152.73; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEH54CWjxfHdsvt3Z-Y4XsZM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BA41
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2MDkwMDE4NTAyNTE1NDU2MQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2MDkwMDE4NTAyNTE1NDU2MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtZEVPdlxAoHfI5kT0tUcraM_3-llkwb6e5YJNeHjhBjBq2RW1HNpwWr3qm50V43h94Gy44reYQpvjudyTJ2WZFwewQzPeO9DOzfoZwRfsXU5g2yBDB0MNvLrPSU9E8V_hb5_oBOBp6wLRcijS1IH5ATeEUh0nb3JWluAvw_SlBylqu5hy4rgO_MZfFTJhcSNTw5St7rVxxH_cJrlxS2CIJpdK4A
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
an-x-request-uuid
7122ee6e-6a79-4903-8327-64f933adf2f4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc2MDkwMDE4NTAyNTE1NDU2MQ%3D%3D
x-proxy-origin
45.141.152.73; 45.141.152.73; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 3B2B 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 07 Sep 2023 17:11:37 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
st
imprammp.taboola.com/ Frame 2E7E 		439 B
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&cmcv=&pix=undefined&cb=1694106697299&uv=3334&tms=1694106697299&abt=nonrv_vA!ufm_vD!ufrlt_vA!ul143917-543_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=8251b8cc-7c4d-47fd-9a1d-66cbf06abe72&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be4b39fb68cc195526653b993ee58caaf95c9287c75b461a69dde0157496d2d4

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 17:11:37 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230090-FRA
x-timer
S1694106697.309403,VS0,VE10
sync
am-match.taboola.com/ Frame 962F 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
be4b39fb68cc195526653b993ee58caaf95c9287c75b461a69dde0157496d2d4

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 17:11:37 GMT
machineid
3401
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694106697303&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1548&pt=-1633013545&tz=120&viewable=true&ddast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD!ufrlt_vA!ul143917-543_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b86b0b6a0d77cbb5a92a2c46af2d723f03e08059b906e7bd283aafd9987adcfe

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1406
x-cache
MISS
x-served-by
cache-fra-eddf8230090-FRA
pragma
no-cache
server
nginx
x-timer
S1694106697.309346,VS0,VE67
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&cmcv=&pix=31589837&cb=1694106697299&uv=3334&tms=1694106697299&abt=nonrv_vA!ufm_vD!ufrlt_vA!ul143917-543_vB&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1694106694993.5!ts:1694106697299&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-length
0
server
nginx
collect
www.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%B3%B0%E5%9C%8B%E9%AE%AE%E8%82%89%E6%AD%A3%E5%A4%AF%EF%BC%81%E3%80%8A%E4%B8%80%E5%B9%B4%E7%94%9F2%E3%80%8B%E8%A6%8B%E9%9D%A2%E6%9C%83%E5%8A%A0%E9%96%8B%E5%AE%89%E5%8F%AF%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-kaFzOgCJwih38lmzGTyJNg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.5415397982673891&gjid=0.8779188593156804&_r=1&a=5942&z=0.4271250997066378&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 4C8F 		714 B
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
7559
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8030926a68a79001-FRA
content-encoding
br
content-type
text/html
date
Thu, 07 Sep 2023 17:11:37 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fuy1P9nf9cGRe3YehRItswKj%2F7NmB7pOlWhR%2BdwWXdhpBk5EN9LcW4aMRASNH3tAOnPAm3NHAKiaPDv6qaH4g8t4ooypdkkloqwJ1prSpCy%2BqLBm906FJ%2BBZBT6ssXfhUbi0oQSTpDUN7i1m2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9DEF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 17:11:37 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Sep 2023 17:11:37 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:37 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 962F 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 962F 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:260b:940e:5542:581f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 962F 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 9FAC 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1553d1682df6a65074932cb6d6b93bc4edc04decf0968ea1821043f0a1b076ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7896
x-xss-protection
0
server
cafe
etag
9944119408408942866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2E7E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&cmcv=&pix=undefined&cb=1694106697299&uv=3334&tms=1694106697299&abt=nonrv_vA!ufm_vD!ufrlt_vA!ul143917-543_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=8251b8cc-7c4d-47fd-9a1d-66cbf06abe72&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 2E7E 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&cmcv=&pix=undefined&cb=1694106697299&uv=3334&tms=1694106697299&abt=nonrv_vA!ufm_vD!ufrlt_vA!ul143917-543_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=8251b8cc-7c4d-47fd-9a1d-66cbf06abe72&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:260b:940e:5542:581f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 2E7E 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&cmcv=&pix=undefined&cb=1694106697299&uv=3334&tms=1694106697299&abt=nonrv_vA!ufm_vD!ufrlt_vA!ul143917-543_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=8251b8cc-7c4d-47fd-9a1d-66cbf06abe72&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0406 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9550187039686&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0406 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9550187039686&version=m202307240101&ct=76&x=1&cor=3968244689812451000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0406 		112 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ac4793JBrylNhtNmDd2VmW4JAoriv27Cpe0T8viq4zf55ZelH9MrcDzy4LUDnsTWwOIGAspgmBX5If1mC9yOs1oRSF1qjroqcUGbdxD1ToMSWcCmfdXhgRZXWhSTfozQTix-1QF6txjKWVFv_xKdQKTH8oln4UA5qYlYp4pJMRdnpM7PI&dbm_d=AKAmf-AdeXR2HLlb7ILYwtQR_iCGoF8l3LkhBISlbNy_pRoj3cX0kFegHwDBIJUGmo9kFQBj3VGxgvY52BobN9JYjCzdPCORkaEZH2zLt11wJ9j3aba2anylizRDWnZ-vKOJ4DvVGTnTRlM1cRbQhpCzSdQTe7oLF7roTQSmHvQykJ7IlHSpvOrkdhaJrLuyYHSorT4DYSadHWbT1GZmD84RzmdpZ2d1nKheuvEpSfZnik6GXrFlxwfUlYX8RyoAhDurd6ZK3F1_mrxXxbLt_3V1whbGuAN0eJJAciZUgP7yODd1X50ai6TxYN4RqeGlMDBdbVNXSMyjZv4gXg8BQe_PanXRuYfvJKLXDZ5q5uBeBCci_tnh0sDT-eSIoimgfllakGJIfxoOmMXJHeKeEx4LMJ3B19YP3-d1M52VloTrbKjxNUemssXSZPo32eOBWHQV_vfevvGZg6labb3qTUE3RwGytm2nV8c4JnTX1HJ7ytFOzP4IIHYATAo57bMDxJ0_rlmDfAzfjNTh3kpnoOptLNQKwRYMKwKvITJfVM1GtPqmP24sPlPXTaDWogZUpD-eBV2Ok9ZDKEyzsc1gdr1YW_8ZFFmACCV3eR3eGrCWdFuQ3cNvXUnbljWAtIpOBC_pEN8XLS_ggR-wca2g0piZcujRyfdUSY9ImFUu5Ue90d8HPRFzINKNLrgSM7DVBKbD_LRLGYOgO5yAwa9d-1uZl5wYP6qWR8WeFdtkGuAG0QkGrERl_P2eDBchAwrexF8I5BGcvDzJ25AAR2p_BNSl8EJ3nef6WE6jvTA1vdltIXgnKXdFoCGd1PWFUpvSHdf3MjVlB_fnuAe5XdVfwmStCNUYgxsVewkEBp4gJRBr37UGEcwCUUyQ8_-rQSMnEyavrGVnt69l58kjfPJlf9rMrJmtd93ku3CTrU65nHcjf9i94cUiPzmpQKGVSNRV_IQusvdw8B42B3nDa0JKPbplA5LZqbiyqqxUGQ2uyIHa0JLdeuyARzHJt2XCDOUybjDADemNJ_VJpf5fViA5WB_aONaIprIoHqoFC8BP_kWvlyT4N_C3CD9VZXvAWizp1Np2RPyFjl22_lwBLHhP11hOz3T_r4PbudaytfRh5GK2We0GtGy54YN3oZOllGoQA2QJHLlQpTGL6p8kggiRwZ-AM3SgI5Bgcet4oqt98GOUI4BcybupCbKc9b-uUewdMswDH8-TCPl7gZ60gxJUriQdnbiPNkA0Hmb8eEIlHmB12LyxvxaJ84U8Rqa0wl42n-dBOzKczPC6b6QvtB0RN0tsgQ11f08Tml-yqtEeDHq87WpjXMmUvtW5wz_Jox7Dyn5YSB2p8lNXvg8ERCFNTojoQxbXdIjX7QsXxXY-iV8DJoCab2mXJKpz-IwyDNfOi6p0Q5DeTNenKY8o5HaQc42Ba_sNzlONtj5fwK4DBbFClmPTvBJSnfToYx9mCAU_-XixuZPoUnXfT60QB7kx6nvZww72P5nonvLZS7N3IcG82nQkcPeC1WJwcmNdIV9Q--ZNnshlxUGjynGfqkPjOc9HmhUOzhvVmj3jTYWt-ewf1c0HuFAypCq7CmwloYpuKL1kaEew-qcqHu5UP_zDAcXYd9oC5Y8w9cO84Bs25JsuVg-AeqL8AS6q1GpCV4OopSU_jEJrIJCIEoECZ-7XhnjqOdsbUgcAW0_tyxGsGdUtufPTnJ4SCPeh6sJl8sjGoCL1m7E_NNyrbhMLPWqN06DT1S7WFt1yTWRWL-_yJLPfGTHkp201ZH9sNuHBkAu1dROb_IRcUMhGCOXsHGrHR7mLOvsPRVsjJS4tTn5aOQXmErTQ1sNS3p9SZfWE3lHVTfNluv7YdNm8NtAXMwdOAjNbo3ULeoPlgVketxRkzE20Zm7sppvjnOMShh9zDD3fmMGTtljL7atXx6wXSH7Qmc5J9EChoQi-7R67lXRMPaTvSJchR0y3YDJe6ejUMejjYKa7ywn31KXj-b2QgcQCwrHQ7oCM_AssW7wuyvCFVhAkyFYqGtswNYJNmtHE6kXXFDKot3CVOLO485EYrsFoP1SzQZTXlf-fs8EbAz0h8wtYEqK1BlWvd8nDFJ7eSJDVAl9wGp6BDqLTPPSYD0zloecPJidBskiiIZVogWYKxsSPxBaNDoun7PLAEBxcLCyHO9hTYXqSm4jEVMCB9iQlqsMxNdIMAtN-4bzrkjeCM5jAAXaTzDu9SefFn0aPs6JwCeeDK2YfsAZvbGR32eBWYHY2En2g1vAGpysuOCwAMIkVDmLN6ax1G5IOuKK1uikA8ug2GOLDjOL43Lk16nZ_mNQp3-DUrd_Dd2sz1AKqlZQaA6SBStuDuI1hD8Xs05Y8SES4NbOePBM_WDukmVjUjIzycyzpcW5Jg3q-rM5qTCxAbzdBzjqgAKt-CbxY3yUTkQOOnkAI0pB7ckNaeLqsonpM3GEbpdST6JUjkxFNf7NlsIEtkTmKcZNljrbpS9SyI9UO4MEFJxwmTPXb2R4ibGGdkEJsSmZrGoyzCDvmxbzft65HyUV6gUq7r0TBvSMRG127YuWOZf9G3FqRlXSTLP6GgtwUnP-uh8pQctEP7WZJzxug-XUNvf9hZCd9oj2YihGVuMW9tgjcOdLc7VNE6JzGOUZNNc-QuOv9ym5COicVjWwje2tZ0uQ-JppY2jou5sdYQLsWNiPI7PGfKlmV_lccKNylbKZxFMKRjBddfLFDevU2Om-mmQ5BXZWMZBzPX6E1ZWs_jZ0Ji9XCpCTvybwDlHA7WicqiqzkAei5ja6QG6zlDTd1_N6aAA56YmlwUtA-x0ayUD1SlriDk6UxjggUcWZq6V5Vd205A4vBVVn7sxZhRfJEJlVZr0flXC9O5omTk-w9K1BpLC1hffepUwVStmg5Tw0qLwbqhtX76Mr4-zpNTmMDNczHT4QmsuLAj0L_6cFRAXyvYScd8mkHmHROSRMxjIzjLRbJolEoegv71aznayoxxtzgA31uMI1clSL6IwXpMPsWkWHBD5l4-Co-jgDgtGvgWPW4sCP7k6XW9VoyrE5cuyUgcP-ENGUcbWwf6xvZUXAUXbB8L3AikyrSbMKSyEJfw8-uGPYGSUW7Uo7H91mNQHS4ZebulDtW9ftOFw4frtT6y9bGFgG6f1-uFD7C0ooXhuQkqptm_weX9qwX_bH_V5v5jv754NXtnrRGSLf-1K7kBCN9VUQp8Tan1fFba5dRHXyVVIPKc7HyzPNZWkC_wJO4xqMlmqPtfYxakh9gnMTo-5qJ7ScpG17ephfcFXaezXqOzSJOdcfyO1JQSrMfWcZoNF2JU9EVMzo2FJdvtrr0JEQxvkex0CVvIraynaZEMNAhX9qwjW6oB5XcP2TPi_XKWZgsED-8xKZ8CP40zWpVJD7F_xO0aI1LZJ8Qyum5xI4Q8Ki6IS9GBx8w026Mkl_2DNIcXZA3djRKkgan5gC6ThYg5eijntPJ0IswDoGRQfMajEvGHifI52TganWbSs1SXjKuVQiciG-TmNB4Z0-Awfj6DEBFz3nCdqtZTc-F045iMOlxfo1CWgLLoVBVraWtgaWnoWDge_TKqE0llE3fIUwrzn7P_Y7po8Epynjc8uFo-HfoCFmK6PhcGb9HFA1NXweGUkD3GJ8oSXtlSsFQbKeWBXkDWu52Pk5pCmJJSod_ETKu_7sHqiWr3nl03M4sRsp3-xM9fm92m8wblClWWiyMKcefbEYvBEtyxaqtoBiqhhmE5O_PKz7FP9vPS0JyuEf6Cqb15YMsFvDtN5el&cid=CAQSTABpAlJW_gYc3k5LJ4tWfwTydlqr9J5HzQ-ltdwWcakRTiNwfhjjf6y_KurcLYBTDNjx02Zl8ZFFkPhDIRT_MDEvw-uJzcCv0G7WV1QYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=3968244689812451000&adk=1877897943&idt=119&cac=0&dtd=31
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
195a5b210e38f760889bbeb2412a7c61204fdec80db36d3da65ee0e710c3d3aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43185
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B259 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a54f0cd19d664daef6cf1f12ed80eb582690e513fbd7d09543c5edc5cea787c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7897
x-xss-protection
0
server
cafe
etag
5491377319152348988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4C8F 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d18a083edcacc02f61fa6cc839d09181f9c68ab261110f4d3aa666408ad029e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29029
x-xss-protection
0
server
cafe
etag
920 / 19607 / m202308310101 / config-hash: 6414607385770146083
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_3_4/infra/ 		880 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-mtime
1693922380
date
Thu, 07 Sep 2023 17:11:37 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FPEQYM4MR0ZRP5J1
age
184190
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693922381
x-amz-meta-mode
33188
content-length
147123
x-amz-id-2
EBlzWPD6iKqbOB4H1z5wHohK8Wh0TTibYEfCs5fBpD2xxbylSU0TWKUB2Q0mV8JFlBxT6dJUGQc=
x-served-by
cache-fra-eddf8230060-FRA
last-modified
Tue, 05 Sep 2023 13:59:42 GMT
server
AmazonS3-br
x-timer
S1694106697.412884,VS0,VE0
etag
"38ea6c5249cc72e909660623b02bf7b8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
186221
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_4/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-mtime
1693922399
date
Thu, 07 Sep 2023 17:11:37 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FPEY0CJZ5CP448HD
age
184190
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693922400
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
gVazDaezCRHQYY8kPxJDod2jVIgirHImf1myU/cjbP0xNs8QizH4a+tId0Tt1JKOHSNppWVNwEE=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Tue, 05 Sep 2023 14:00:01 GMT
server
AmazonS3-br
x-timer
S1694106697.412746,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
231191
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9FAC 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9058b6f4ef74a0e1058ecd945e04abbecabe7e407849104f4b7455fb3e0865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50534
x-xss-protection
0
server
cafe
etag
11528775102558708669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B259 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
488b2ad1db2c7521edf8320e88cccaba68118a5c075d5e3e2a5ee475220d7eda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50538
x-xss-protection
0
server
cafe
etag
6765007846583504551
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 0406 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-8933329999391104&ias_chanId=1&ias_placementId=20338657638&bidurl=https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gB--BKl2umQalERbbDMX8M
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.24.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-24-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
95c75ca873ea2bccefd8504f9f8ba790eed143d56f3e2034ea93874ca39fd4c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 0406 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Origin
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 10:55:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22587
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 10:55:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 0406 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ac4793JBrylNhtNmDd2VmW4JAoriv27Cpe0T8viq4zf55ZelH9MrcDzy4LUDnsTWwOIGAspgmBX5If1mC9yOs1oRSF1qjroqcUGbdxD1ToMSWcCmfdXhgRZXWhSTfozQTix-1QF6txjKWVFv_xKdQKTH8oln4UA5qYlYp4pJMRdnpM7PI&dbm_d=AKAmf-AdeXR2HLlb7ILYwtQR_iCGoF8l3LkhBISlbNy_pRoj3cX0kFegHwDBIJUGmo9kFQBj3VGxgvY52BobN9JYjCzdPCORkaEZH2zLt11wJ9j3aba2anylizRDWnZ-vKOJ4DvVGTnTRlM1cRbQhpCzSdQTe7oLF7roTQSmHvQykJ7IlHSpvOrkdhaJrLuyYHSorT4DYSadHWbT1GZmD84RzmdpZ2d1nKheuvEpSfZnik6GXrFlxwfUlYX8RyoAhDurd6ZK3F1_mrxXxbLt_3V1whbGuAN0eJJAciZUgP7yODd1X50ai6TxYN4RqeGlMDBdbVNXSMyjZv4gXg8BQe_PanXRuYfvJKLXDZ5q5uBeBCci_tnh0sDT-eSIoimgfllakGJIfxoOmMXJHeKeEx4LMJ3B19YP3-d1M52VloTrbKjxNUemssXSZPo32eOBWHQV_vfevvGZg6labb3qTUE3RwGytm2nV8c4JnTX1HJ7ytFOzP4IIHYATAo57bMDxJ0_rlmDfAzfjNTh3kpnoOptLNQKwRYMKwKvITJfVM1GtPqmP24sPlPXTaDWogZUpD-eBV2Ok9ZDKEyzsc1gdr1YW_8ZFFmACCV3eR3eGrCWdFuQ3cNvXUnbljWAtIpOBC_pEN8XLS_ggR-wca2g0piZcujRyfdUSY9ImFUu5Ue90d8HPRFzINKNLrgSM7DVBKbD_LRLGYOgO5yAwa9d-1uZl5wYP6qWR8WeFdtkGuAG0QkGrERl_P2eDBchAwrexF8I5BGcvDzJ25AAR2p_BNSl8EJ3nef6WE6jvTA1vdltIXgnKXdFoCGd1PWFUpvSHdf3MjVlB_fnuAe5XdVfwmStCNUYgxsVewkEBp4gJRBr37UGEcwCUUyQ8_-rQSMnEyavrGVnt69l58kjfPJlf9rMrJmtd93ku3CTrU65nHcjf9i94cUiPzmpQKGVSNRV_IQusvdw8B42B3nDa0JKPbplA5LZqbiyqqxUGQ2uyIHa0JLdeuyARzHJt2XCDOUybjDADemNJ_VJpf5fViA5WB_aONaIprIoHqoFC8BP_kWvlyT4N_C3CD9VZXvAWizp1Np2RPyFjl22_lwBLHhP11hOz3T_r4PbudaytfRh5GK2We0GtGy54YN3oZOllGoQA2QJHLlQpTGL6p8kggiRwZ-AM3SgI5Bgcet4oqt98GOUI4BcybupCbKc9b-uUewdMswDH8-TCPl7gZ60gxJUriQdnbiPNkA0Hmb8eEIlHmB12LyxvxaJ84U8Rqa0wl42n-dBOzKczPC6b6QvtB0RN0tsgQ11f08Tml-yqtEeDHq87WpjXMmUvtW5wz_Jox7Dyn5YSB2p8lNXvg8ERCFNTojoQxbXdIjX7QsXxXY-iV8DJoCab2mXJKpz-IwyDNfOi6p0Q5DeTNenKY8o5HaQc42Ba_sNzlONtj5fwK4DBbFClmPTvBJSnfToYx9mCAU_-XixuZPoUnXfT60QB7kx6nvZww72P5nonvLZS7N3IcG82nQkcPeC1WJwcmNdIV9Q--ZNnshlxUGjynGfqkPjOc9HmhUOzhvVmj3jTYWt-ewf1c0HuFAypCq7CmwloYpuKL1kaEew-qcqHu5UP_zDAcXYd9oC5Y8w9cO84Bs25JsuVg-AeqL8AS6q1GpCV4OopSU_jEJrIJCIEoECZ-7XhnjqOdsbUgcAW0_tyxGsGdUtufPTnJ4SCPeh6sJl8sjGoCL1m7E_NNyrbhMLPWqN06DT1S7WFt1yTWRWL-_yJLPfGTHkp201ZH9sNuHBkAu1dROb_IRcUMhGCOXsHGrHR7mLOvsPRVsjJS4tTn5aOQXmErTQ1sNS3p9SZfWE3lHVTfNluv7YdNm8NtAXMwdOAjNbo3ULeoPlgVketxRkzE20Zm7sppvjnOMShh9zDD3fmMGTtljL7atXx6wXSH7Qmc5J9EChoQi-7R67lXRMPaTvSJchR0y3YDJe6ejUMejjYKa7ywn31KXj-b2QgcQCwrHQ7oCM_AssW7wuyvCFVhAkyFYqGtswNYJNmtHE6kXXFDKot3CVOLO485EYrsFoP1SzQZTXlf-fs8EbAz0h8wtYEqK1BlWvd8nDFJ7eSJDVAl9wGp6BDqLTPPSYD0zloecPJidBskiiIZVogWYKxsSPxBaNDoun7PLAEBxcLCyHO9hTYXqSm4jEVMCB9iQlqsMxNdIMAtN-4bzrkjeCM5jAAXaTzDu9SefFn0aPs6JwCeeDK2YfsAZvbGR32eBWYHY2En2g1vAGpysuOCwAMIkVDmLN6ax1G5IOuKK1uikA8ug2GOLDjOL43Lk16nZ_mNQp3-DUrd_Dd2sz1AKqlZQaA6SBStuDuI1hD8Xs05Y8SES4NbOePBM_WDukmVjUjIzycyzpcW5Jg3q-rM5qTCxAbzdBzjqgAKt-CbxY3yUTkQOOnkAI0pB7ckNaeLqsonpM3GEbpdST6JUjkxFNf7NlsIEtkTmKcZNljrbpS9SyI9UO4MEFJxwmTPXb2R4ibGGdkEJsSmZrGoyzCDvmxbzft65HyUV6gUq7r0TBvSMRG127YuWOZf9G3FqRlXSTLP6GgtwUnP-uh8pQctEP7WZJzxug-XUNvf9hZCd9oj2YihGVuMW9tgjcOdLc7VNE6JzGOUZNNc-QuOv9ym5COicVjWwje2tZ0uQ-JppY2jou5sdYQLsWNiPI7PGfKlmV_lccKNylbKZxFMKRjBddfLFDevU2Om-mmQ5BXZWMZBzPX6E1ZWs_jZ0Ji9XCpCTvybwDlHA7WicqiqzkAei5ja6QG6zlDTd1_N6aAA56YmlwUtA-x0ayUD1SlriDk6UxjggUcWZq6V5Vd205A4vBVVn7sxZhRfJEJlVZr0flXC9O5omTk-w9K1BpLC1hffepUwVStmg5Tw0qLwbqhtX76Mr4-zpNTmMDNczHT4QmsuLAj0L_6cFRAXyvYScd8mkHmHROSRMxjIzjLRbJolEoegv71aznayoxxtzgA31uMI1clSL6IwXpMPsWkWHBD5l4-Co-jgDgtGvgWPW4sCP7k6XW9VoyrE5cuyUgcP-ENGUcbWwf6xvZUXAUXbB8L3AikyrSbMKSyEJfw8-uGPYGSUW7Uo7H91mNQHS4ZebulDtW9ftOFw4frtT6y9bGFgG6f1-uFD7C0ooXhuQkqptm_weX9qwX_bH_V5v5jv754NXtnrRGSLf-1K7kBCN9VUQp8Tan1fFba5dRHXyVVIPKc7HyzPNZWkC_wJO4xqMlmqPtfYxakh9gnMTo-5qJ7ScpG17ephfcFXaezXqOzSJOdcfyO1JQSrMfWcZoNF2JU9EVMzo2FJdvtrr0JEQxvkex0CVvIraynaZEMNAhX9qwjW6oB5XcP2TPi_XKWZgsED-8xKZ8CP40zWpVJD7F_xO0aI1LZJ8Qyum5xI4Q8Ki6IS9GBx8w026Mkl_2DNIcXZA3djRKkgan5gC6ThYg5eijntPJ0IswDoGRQfMajEvGHifI52TganWbSs1SXjKuVQiciG-TmNB4Z0-Awfj6DEBFz3nCdqtZTc-F045iMOlxfo1CWgLLoVBVraWtgaWnoWDge_TKqE0llE3fIUwrzn7P_Y7po8Epynjc8uFo-HfoCFmK6PhcGb9HFA1NXweGUkD3GJ8oSXtlSsFQbKeWBXkDWu52Pk5pCmJJSod_ETKu_7sHqiWr3nl03M4sRsp3-xM9fm92m8wblClWWiyMKcefbEYvBEtyxaqtoBiqhhmE5O_PKz7FP9vPS0JyuEf6Cqb15YMsFvDtN5el&cid=CAQSTABpAlJW_gYc3k5LJ4tWfwTydlqr9J5HzQ-ltdwWcakRTiNwfhjjf6y_KurcLYBTDNjx02Zl8ZFFkPhDIRT_MDEvw-uJzcCv0G7WV1QYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=3968244689812451000&adk=1877897943&idt=119&cac=0&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:13:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
10707
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:13:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 0406 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ac4793JBrylNhtNmDd2VmW4JAoriv27Cpe0T8viq4zf55ZelH9MrcDzy4LUDnsTWwOIGAspgmBX5If1mC9yOs1oRSF1qjroqcUGbdxD1ToMSWcCmfdXhgRZXWhSTfozQTix-1QF6txjKWVFv_xKdQKTH8oln4UA5qYlYp4pJMRdnpM7PI&dbm_d=AKAmf-AdeXR2HLlb7ILYwtQR_iCGoF8l3LkhBISlbNy_pRoj3cX0kFegHwDBIJUGmo9kFQBj3VGxgvY52BobN9JYjCzdPCORkaEZH2zLt11wJ9j3aba2anylizRDWnZ-vKOJ4DvVGTnTRlM1cRbQhpCzSdQTe7oLF7roTQSmHvQykJ7IlHSpvOrkdhaJrLuyYHSorT4DYSadHWbT1GZmD84RzmdpZ2d1nKheuvEpSfZnik6GXrFlxwfUlYX8RyoAhDurd6ZK3F1_mrxXxbLt_3V1whbGuAN0eJJAciZUgP7yODd1X50ai6TxYN4RqeGlMDBdbVNXSMyjZv4gXg8BQe_PanXRuYfvJKLXDZ5q5uBeBCci_tnh0sDT-eSIoimgfllakGJIfxoOmMXJHeKeEx4LMJ3B19YP3-d1M52VloTrbKjxNUemssXSZPo32eOBWHQV_vfevvGZg6labb3qTUE3RwGytm2nV8c4JnTX1HJ7ytFOzP4IIHYATAo57bMDxJ0_rlmDfAzfjNTh3kpnoOptLNQKwRYMKwKvITJfVM1GtPqmP24sPlPXTaDWogZUpD-eBV2Ok9ZDKEyzsc1gdr1YW_8ZFFmACCV3eR3eGrCWdFuQ3cNvXUnbljWAtIpOBC_pEN8XLS_ggR-wca2g0piZcujRyfdUSY9ImFUu5Ue90d8HPRFzINKNLrgSM7DVBKbD_LRLGYOgO5yAwa9d-1uZl5wYP6qWR8WeFdtkGuAG0QkGrERl_P2eDBchAwrexF8I5BGcvDzJ25AAR2p_BNSl8EJ3nef6WE6jvTA1vdltIXgnKXdFoCGd1PWFUpvSHdf3MjVlB_fnuAe5XdVfwmStCNUYgxsVewkEBp4gJRBr37UGEcwCUUyQ8_-rQSMnEyavrGVnt69l58kjfPJlf9rMrJmtd93ku3CTrU65nHcjf9i94cUiPzmpQKGVSNRV_IQusvdw8B42B3nDa0JKPbplA5LZqbiyqqxUGQ2uyIHa0JLdeuyARzHJt2XCDOUybjDADemNJ_VJpf5fViA5WB_aONaIprIoHqoFC8BP_kWvlyT4N_C3CD9VZXvAWizp1Np2RPyFjl22_lwBLHhP11hOz3T_r4PbudaytfRh5GK2We0GtGy54YN3oZOllGoQA2QJHLlQpTGL6p8kggiRwZ-AM3SgI5Bgcet4oqt98GOUI4BcybupCbKc9b-uUewdMswDH8-TCPl7gZ60gxJUriQdnbiPNkA0Hmb8eEIlHmB12LyxvxaJ84U8Rqa0wl42n-dBOzKczPC6b6QvtB0RN0tsgQ11f08Tml-yqtEeDHq87WpjXMmUvtW5wz_Jox7Dyn5YSB2p8lNXvg8ERCFNTojoQxbXdIjX7QsXxXY-iV8DJoCab2mXJKpz-IwyDNfOi6p0Q5DeTNenKY8o5HaQc42Ba_sNzlONtj5fwK4DBbFClmPTvBJSnfToYx9mCAU_-XixuZPoUnXfT60QB7kx6nvZww72P5nonvLZS7N3IcG82nQkcPeC1WJwcmNdIV9Q--ZNnshlxUGjynGfqkPjOc9HmhUOzhvVmj3jTYWt-ewf1c0HuFAypCq7CmwloYpuKL1kaEew-qcqHu5UP_zDAcXYd9oC5Y8w9cO84Bs25JsuVg-AeqL8AS6q1GpCV4OopSU_jEJrIJCIEoECZ-7XhnjqOdsbUgcAW0_tyxGsGdUtufPTnJ4SCPeh6sJl8sjGoCL1m7E_NNyrbhMLPWqN06DT1S7WFt1yTWRWL-_yJLPfGTHkp201ZH9sNuHBkAu1dROb_IRcUMhGCOXsHGrHR7mLOvsPRVsjJS4tTn5aOQXmErTQ1sNS3p9SZfWE3lHVTfNluv7YdNm8NtAXMwdOAjNbo3ULeoPlgVketxRkzE20Zm7sppvjnOMShh9zDD3fmMGTtljL7atXx6wXSH7Qmc5J9EChoQi-7R67lXRMPaTvSJchR0y3YDJe6ejUMejjYKa7ywn31KXj-b2QgcQCwrHQ7oCM_AssW7wuyvCFVhAkyFYqGtswNYJNmtHE6kXXFDKot3CVOLO485EYrsFoP1SzQZTXlf-fs8EbAz0h8wtYEqK1BlWvd8nDFJ7eSJDVAl9wGp6BDqLTPPSYD0zloecPJidBskiiIZVogWYKxsSPxBaNDoun7PLAEBxcLCyHO9hTYXqSm4jEVMCB9iQlqsMxNdIMAtN-4bzrkjeCM5jAAXaTzDu9SefFn0aPs6JwCeeDK2YfsAZvbGR32eBWYHY2En2g1vAGpysuOCwAMIkVDmLN6ax1G5IOuKK1uikA8ug2GOLDjOL43Lk16nZ_mNQp3-DUrd_Dd2sz1AKqlZQaA6SBStuDuI1hD8Xs05Y8SES4NbOePBM_WDukmVjUjIzycyzpcW5Jg3q-rM5qTCxAbzdBzjqgAKt-CbxY3yUTkQOOnkAI0pB7ckNaeLqsonpM3GEbpdST6JUjkxFNf7NlsIEtkTmKcZNljrbpS9SyI9UO4MEFJxwmTPXb2R4ibGGdkEJsSmZrGoyzCDvmxbzft65HyUV6gUq7r0TBvSMRG127YuWOZf9G3FqRlXSTLP6GgtwUnP-uh8pQctEP7WZJzxug-XUNvf9hZCd9oj2YihGVuMW9tgjcOdLc7VNE6JzGOUZNNc-QuOv9ym5COicVjWwje2tZ0uQ-JppY2jou5sdYQLsWNiPI7PGfKlmV_lccKNylbKZxFMKRjBddfLFDevU2Om-mmQ5BXZWMZBzPX6E1ZWs_jZ0Ji9XCpCTvybwDlHA7WicqiqzkAei5ja6QG6zlDTd1_N6aAA56YmlwUtA-x0ayUD1SlriDk6UxjggUcWZq6V5Vd205A4vBVVn7sxZhRfJEJlVZr0flXC9O5omTk-w9K1BpLC1hffepUwVStmg5Tw0qLwbqhtX76Mr4-zpNTmMDNczHT4QmsuLAj0L_6cFRAXyvYScd8mkHmHROSRMxjIzjLRbJolEoegv71aznayoxxtzgA31uMI1clSL6IwXpMPsWkWHBD5l4-Co-jgDgtGvgWPW4sCP7k6XW9VoyrE5cuyUgcP-ENGUcbWwf6xvZUXAUXbB8L3AikyrSbMKSyEJfw8-uGPYGSUW7Uo7H91mNQHS4ZebulDtW9ftOFw4frtT6y9bGFgG6f1-uFD7C0ooXhuQkqptm_weX9qwX_bH_V5v5jv754NXtnrRGSLf-1K7kBCN9VUQp8Tan1fFba5dRHXyVVIPKc7HyzPNZWkC_wJO4xqMlmqPtfYxakh9gnMTo-5qJ7ScpG17ephfcFXaezXqOzSJOdcfyO1JQSrMfWcZoNF2JU9EVMzo2FJdvtrr0JEQxvkex0CVvIraynaZEMNAhX9qwjW6oB5XcP2TPi_XKWZgsED-8xKZ8CP40zWpVJD7F_xO0aI1LZJ8Qyum5xI4Q8Ki6IS9GBx8w026Mkl_2DNIcXZA3djRKkgan5gC6ThYg5eijntPJ0IswDoGRQfMajEvGHifI52TganWbSs1SXjKuVQiciG-TmNB4Z0-Awfj6DEBFz3nCdqtZTc-F045iMOlxfo1CWgLLoVBVraWtgaWnoWDge_TKqE0llE3fIUwrzn7P_Y7po8Epynjc8uFo-HfoCFmK6PhcGb9HFA1NXweGUkD3GJ8oSXtlSsFQbKeWBXkDWu52Pk5pCmJJSod_ETKu_7sHqiWr3nl03M4sRsp3-xM9fm92m8wblClWWiyMKcefbEYvBEtyxaqtoBiqhhmE5O_PKz7FP9vPS0JyuEf6Cqb15YMsFvDtN5el&cid=CAQSTABpAlJW_gYc3k5LJ4tWfwTydlqr9J5HzQ-ltdwWcakRTiNwfhjjf6y_KurcLYBTDNjx02Zl8ZFFkPhDIRT_MDEvw-uJzcCv0G7WV1QYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=3968244689812451000&adk=1877897943&idt=119&cac=0&dtd=31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
10797
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:11:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0406 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
480622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 03:41:15 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS90YWktZ3VvLXhpYW4tcm91LXpoZW5nLWhhbmcteWktbmlhbi1zaGVuZy0yLWppYW4tbWlhbi1odWktamlhLWthaS1hbi1rZS1jaGFuZy5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYWEzYWJlNDItMWYxYi00MGVlLWIyMzMtYzZkMTljYmM5MGJmIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImNmYWEwMzA3LTRjYmQtNGUwOS05ODM0LWMxNWEyZDA4ODRiYSIsInRpbWVPZkF1Y3Rpb24iOjE2OTQxMDY2OTY4NTksImJpZHMiOlt7ImNwbSI6MC4wNywiYWRJZCI6Ijc1ZGNjYTMyNDI3ZGYyYiIsIm9yaWdpbmFsQ3BtIjowLjA3LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDcwMDAwMDAwMDAwMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjE4MywidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQxMDY2OTcwNTJ9LHsiY3BtIjowLjA3LCJhZElkIjoiNzY1ZjAxN2NhYjhmOCIsIm9yaWdpbmFsQ3BtIjowLjA3LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDcwMDAwMDAwMDAwMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjE4NSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQxMDY2OTcwNTR9LHsiY3BtIjowLjAyLCJhZElkIjoiODA5MDVmYjkyOThjNWNkIiwib3JpZ2luYWxDcG0iOjAuMDIsImJpZGRlciI6InJ1Ymljb24iLCJyZXZlbnVlIjowLjAwMDAyLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjoyMzcsInRpbWVPZkJpZFJlY2VpdmVkIjoxNjk0MTA2Njk3MTIxfV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6Iml4IiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NWRjY2EzMjQyN2RmMmIiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDcwMDAwMDAwMDAwMDAwMDF9LHsic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImNmYWEwMzA3LTRjYmQtNGUwOS05ODM0LWMxNWEyZDA4ODRiYSIsInRpbWVPZkF1Y3Rpb24iOjE2OTQxMDY2OTY4NTksImJpZHMiOlt7ImNwbSI6MC4wNywiYWRJZCI6Ijc3MWYyOGRmMzljN2EwNCIsIm9yaWdpbmFsQ3BtIjowLjA3LCJiaWRkZXIiOiJpeCIsInJldmVudWUiOjAuMDAwMDcwMDAwMDAwMDAwMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjE4NSwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQxMDY2OTcwNTR9LHsiY3BtIjowLjA3LCJhZElkIjoiNzg0YmEzNjgxNzE1ZDcyIiwib3JpZ2luYWxDcG0iOjAuMDcsImJpZGRlciI6Iml4IiwicmV2ZW51ZSI6MC4wMDAwNzAwMDAwMDAwMDAwMDAwMSwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTg1LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDEwNjY5NzA1NH0seyJjcG0iOjAuMDIsImFkSWQiOiI3OTg5MDk0MDllNzUzYyIsIm9yaWdpbmFsQ3BtIjowLjAyLCJiaWRkZXIiOiJydWJpY29uIiwicmV2ZW51ZSI6MC4wMDAwMiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MjM2LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDEwNjY5NzEyMH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJpeCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiNzcxZjI4ZGYzOWM3YTA0IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA3MDAwMDAwMDAwMDAwMDAxfV0sImNvdW50cnkiOiJDSCJ9&c_b=2504.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
usync.js
eus.rubiconproject.com/ Frame 9DEF 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 15:55:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81824
Connection
keep-alive
Content-Length
10233
Expires
Fri, 08 Sep 2023 15:55:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1372508342392756&correlator=2202278638180219&eid=31076474%2C31077650&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&arp=1&abxe=1&dt=1694106697521&lmt=1694099497&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=626269215.1694106697&ga_sid=1694106697&ga_hid=631426543&ga_fc=false&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&dlt=1694106695961&idt=617&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_10_0%26cluster_reporting%3Dchrome_DESKTOP_10_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.07%26hb_ap_adid%3D771f28df39c7a04%26hb_ap_bidder%3Dix%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c%26faid%3Dfalse&adks=3805778231&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48b18c0d71f2667bb452605eae1ca3f0c24ffe0c843b755752b21e7cf9d5d3e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11837
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1372508342392756&correlator=2202278638180219&eid=31076474%2C31077650&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&arp=1&abxe=1&dt=1694106697525&lmt=1694099497&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=626269215.1694106697&ga_sid=1694106697&ga_hid=631426543&ga_fc=false&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&dlt=1694106695961&idt=617&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_10_0%26cluster_reporting%3Dchrome_DESKTOP_10_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.07%26hb_ap_adid%3D75dcca32427df2b%26hb_ap_bidder%3Dix%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_c%26faid%3Dfalse&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
049b49126c52cbab80d35b77d4a2e457d5e2883929e99ee62daa6faf85346954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11130
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1881566
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1694106698.585968,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
204580
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/ 		448 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-mtime
1693904460
date
Thu, 07 Sep 2023 17:11:37 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HYK8AJ9H52WB6KA4
age
202187
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693904472
x-amz-meta-mode
33188
content-length
86274
x-amz-id-2
t1lNyGed3NAQ57eXbmNV3qVCMiGjwwYQ92oCZvFfitu9WKbobo/2tqpNuGO2BTlGE6TqMOiZWNA=
x-served-by
cache-fra-eddf8230060-FRA
last-modified
Tue, 05 Sep 2023 09:01:13 GMT
server
AmazonS3-br
x-timer
S1694106698.602038,VS0,VE0
etag
"e792bcdfdedece52c8d382e55db7d6bd"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
180864
sync
am-match.taboola.com/ Frame B3F4 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
be4b39fb68cc195526653b993ee58caaf95c9287c75b461a69dde0157496d2d4

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 17:11:37 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&cmcv=&pix=31579697&cb=1694106697608&uv=3334&tms=1694106697608&su=3&abt=nonrv_vA!ufm_vG!ufrlt_vA!ul143917-543_vB&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 07 Sep 2023 17:11:37 GMT
via
1.1 6c19750e796252a348d1690986c10426.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FCO50-P1
age
2704986
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1694106698.623939,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
z8uBX5rs5yx079LlNzOhRt0m40lBcgssXUNlz-RDQ6Zqn78U46CZIg==
x-cache-hits
846975
sync.php
pixel.rubiconproject.com/exchange/ Frame 9DEF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM9FDXCP-5-5E6Y
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ads
googleads.g.doubleclick.net/pagead/ Frame 0F32 		27 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f107e08b76a563f441e852848b697913a851667e854361fe3a01d8ad20bb0d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
11974
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame B3F4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B3F4 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:260b:940e:5542:581f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame B3F4 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0EC3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
383992
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 06:31:45 GMT
expires
Mon, 02 Sep 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ Frame 9FAC 		377 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
991e8c37b8bcb61edee3efa598bb7290624e7ba26fc39fa80fafe0fe76073b09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131262
x-xss-protection
0
server
cafe
etag
9380721999653467845
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame 5E27 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 00:39:04 GMT
etag
8554266389219770021
expires
Thu, 21 Sep 2023 00:39:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 767C 		142 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
154608
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22810
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 22:14:49 GMT
expires
Wed, 04 Sep 2024 22:14:49 GMT
last-modified
Wed, 09 Feb 2022 10:36:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame 0406
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-8933329999391104&ias_chanId=1&ias_placementId=20338657638&bidurl=https://www.bg3.co/a/tai-...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_SQT6ZJK7GKi5x_APweSLqAU&cbFunctionName=goog_wrapCb_SQT6ZJK7GKi5x_APweSLqAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_SQT6ZJK7GKi5x_APweSLqAU&cbFunctionName=goog_wrapCb_SQT6ZJK7GKi5x_APweSLqAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 19:04:41 GMT
x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
598017
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
7ZDioahzPNmvj5dReWkj4g2rasULq1NPBf4LRBM-VnY2smXXP95vwg==

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
nginx
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_SQT6ZJK7GKi5x_APweSLqAU&cbFunctionName=goog_wrapCb_SQT6ZJK7GKi5x_APweSLqAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 45F0 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
30332121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
BsBdF_edZI5dezI8tCpmZ5u4PMMnmGrClNk-L0m7n2ogw90UMafnFg==
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame C5BB 		714 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
7559
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8030926d0b599001-FRA
content-encoding
br
content-type
text/html
date
Thu, 07 Sep 2023 17:11:37 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uxx3fz1GVoi2KyerqeO4uv%2BWEnMtNiQenYGvCfnW9Z2kJMUTJq0PC%2FNsHw4KRHJoHqFGrmmi%2FfjyaWfv9hrkMt%2BTHXmJrkZTfZIZp%2B%2F2bRubQfC%2F3orVBWDmMouodMW9hRs8IDdFqLfZ5adA0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame BEF0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 17:11:37 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Sep 2023 17:11:37 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 767C 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 13:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 13:20:04 GMT
dt
dt.adsafeprotected.com/ Frame 0406 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fd9b5b4b-6dce-8959-4bfb-431f374fd85b&tv=%7Bc:nynH6r,pingTime:-3,time:82,type:v,im:%7BpBlk:52%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:82,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPbZ3y1+11%7C121%7C13%7C14%7C15%7C16%7C17%7C181*.990511-61634100%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:181*,rmeas:1,rend:0,renddet:IMG.us,siq:31%7D&br=c
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
nginx
x-server-name
dt29.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0406 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fd9b5b4b-6dce-8959-4bfb-431f374fd85b&tv=%7Bc:nynH6s,pingTime:-6,time:83,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:83,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPbZ3y1+11%7C121%7C13%7C14%7C15%7C16%7C17%7C181*.990511-61634100%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:181*,rmeas:1,rend:0,renddet:IMG.us,siq:31%7D&tpiLookup=ao:www.bg3.co*%2Cb0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com*&br=c
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
nginx
x-server-name
dt27.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9DEF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oCEcm9NERZepZYCnlVg8lw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oCEcm9NERZepZYCnlVg8lw
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oCEcm9NERZepZYCnlVg8lw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B0T6PT5WZTAD8DE4YBKW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oCEcm9NERZepZYCnlVg8lw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 9DEF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 9DEF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM9FDXCP-5-5E6Y
0
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM9FDXCP-5-5E6Y
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 40C7BAFF1D484331ACCB5E7673B2C909 Ref B: FRAEDGE1119 Ref C: 2023-09-07T17:11:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEx/PxXBPT9VzR4pAVOw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM9FDXCP-5-5E6Y
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9DEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi5ILLV1Upo3amV2ppbyG0&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi5ILLV1Upo3amV2ppbyG0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi5ILLV1Upo3amV2ppbyG0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9DEF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjMwMTE0YTE5ZGRiMjhkMTJkMDBkOTQxODVmMWMyMzdmOTRlMWQ3ZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjMwMTE0YTE5ZGRiMjhkMTJkMDBkOTQxODVmMWMyMzdmOTRlMWQ3ZQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjMwMTE0YTE5ZGRiMjhkMTJkMDBkOTQxODVmMWMyMzdmOTRlMWQ3ZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9DEF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE05RkRYQ1AtNS01RTZZ
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFIfpkQRzlAIwx8sw3Y13YY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 9DEF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/OSlNCXTfvF_k0gdn_J2kkw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UddHon9E2oKMNpVGTRe5Nr44aD7NdvWaIwBa5w--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UddHon9E2oKMNpVGTRe5Nr44aD7NdvWaIwBa5w--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 07 Sep 2023 17:11:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-UddHon9E2oKMNpVGTRe5Nr44aD7NdvWaIwBa5w--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 9DEF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Xf4CJs0FTtqDTURJWr0oLA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Xf4CJs0FTtqDTURJWr0oLA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Xf4CJs0FTtqDTURJWr0oLA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MHYXC76CTVN0PQK9ZPPC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Xf4CJs0FTtqDTURJWr0oLA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=5906&tvi50=12261&route=AM%3AAM%3AV&lti=vignette-a-tag-fix-new-tab_var&bulkSize=11
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-9_b2-PR-60661-DEV-137973-a-b-test-opening-vignette-in-a-new-tab-redirect-delay-e9b9045222e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
11
date
Thu, 07 Sep 2023 17:11:37 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7681
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230090-FRA
pragma
no-cache
server
nginx
x-timer
S1694106698.838647,VS0,VE11
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ Frame B259 		377 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077641
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02fa2bc5766f47846c02d249ca497a9641a7cbe75f4f1ffefe10315a113cef17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131262
x-xss-protection
0
server
cafe
etag
11400806109913107414
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C5BB 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f513ce4f55de4feb0213f25b8784a255a71a4215a806035f5f6130aa171ef6a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29232
x-xss-protection
0
server
cafe
etag
776 / 19607 / 31077596 / config-hash: 6414607385770146083
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
dt
dt.adsafeprotected.com/ Frame 0406 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fd9b5b4b-6dce-8959-4bfb-431f374fd85b&tv=%7Bc:nynH7A,pingTime:-2,time:153,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:539,beZ:540,mfA:542,cmA:543,inA:543,inZ:547,prA:547,prZ:561,si:569,poA:570,bl:591,poZ:591,cmZ:591,mfZ:591,loA:621,loZ:624,ltA:692,ltZ:692%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:30%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:153,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B147~0%5D,as:%5B147~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPbZ3y1+11%7C121%7C13%7C14%7C15%7C16%7C17%7C181*.990511-61634100%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g,idMap:181*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:31,sinceFw:121,readyFired:true%7D&br=c
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
nginx
x-server-name
dt28.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usync.js
eus.rubiconproject.com/ Frame BEF0 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 15:55:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81824
Connection
keep-alive
Content-Length
10233
Expires
Fri, 08 Sep 2023 15:55:21 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ Frame 4C8F 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 12:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
17886
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Sep 2024 12:13:31 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:b25:850e:c423:61a4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvdGFpLWd1by14aWFuLXJvdS16aGVuZy1oYW5nLXlpLW5pYW4tc2hlbmctMi1qaWFuLW1pYW4taHVpLWppYS1rYWktYW4ta2UtY2hhbmcuaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvdGFpLWd1by14aWFuLXJvdS16aGVuZy1oYW5nLXlpLW5pYW4tc2hlbmctMi1qaWFuLW1pYW4taHVpLWppYS1rYWktYW4ta2UtY2hhbmcuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Thu, 07 Sep 2023 17:11:38 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=16, origin; dur=371, ak_p; desc="1694106697892_389027462_65161712_38774_2577_12_0_219";dur=1
content-length
555
expires
Thu, 07 Sep 2023 18:11:38 GMT
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 0EC3 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
container.html
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 063E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:36 GMT
expires
Fri, 06 Sep 2024 17:11:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 9FAC 		210 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2473b3cfa63285cbb9a41a069033cc54b036d1e9bdd55ff449b9590b63c34c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
196
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D43E 		109 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5483fea01b877670e7ea5b29664c393f45b593f2f8f2fea36fdbe61bc947b5ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
40339
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A5CF 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhjMkuLuATAB&v=APEucNV8SRc4FFHuQPQREHMnfik-qZRC5auulj65oYuA1HOPednDOaAgyIEOMiEqNJFFPMqc6fetWZUEDbl_9KYq4zGkrUhObPLO_SWTHIoO1COi3VcNVJjOW44FdiMqx59PUx1Rqmbv_Dh-vc1UFgQzmsXQ24_uXbWs_tML_7eQqweETHzigRacK9VupSGQUkU9dk63LPHP8PlnFaj55HKqliCpoi6Qew
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 063E 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 063E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BXp1-62F8v3PKlbFb1xnCw1bJhU_aOT5jm-urRzr3Lx-VkUG43k23zjyDhS7fUt9RsqLdIIepiT8I7mj_VsW6DGzapgSgqTuAOLMQ_kJloQQCAL94
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 063E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10294665872422563238&x=1&ct=76
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 063E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 063E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
l
www.google.com/ads/measurement/ Frame 063E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSEciUJg1La-dTMuujIsBTDgGiS_U4U4nGEGj40R5o79N4uckoXQ-pKI8DFzNeiGF0PrFZ_sL9MV0-j79TH_s8igpsEA
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 063E 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:37 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 767C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Sep 2023 17:26:36 GMT
flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 767C 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1508
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Sep 2023 17:24:47 GMT
head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 767C 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3285
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Sep 2023 17:20:40 GMT
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 767C 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1610
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Sep 2023 17:26:12 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 767C 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 16:58:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
773
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Sep 2023 17:13:45 GMT
300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 767C 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:09:42 GMT
x-content-type-options
nosniff
age
116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38528
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Sep 2023 17:24:42 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4C8F 		492 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4006974417168763&correlator=90234406980593&eid=31076479&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694106698007&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=v73owm3vrq75&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMDBX0CkWlWLC-5UejyKFH8e3lZqXa5TcNH_nbpW_JqcvZHQA2J2VW7SjjKFDt83DyHYTHlu51cZoDBPZLZekaJkhuM8qdnWHBz10k_5MxBtyaglbM7wkR_nXAZX3XGUrQnSpIN6Lw5KoS46z4PGSDqPt-GWRSDHJliRaseQJpDSFkJ0JKcklw&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=842458879.1694106698&ga_sid=1694106698&ga_hid=137383321&ga_fc=false&dlt=1694106697400&idt=570&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
532f12f5812b0147d4bc778b443e88251c1626cb157507e1c34547aec6ad132a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4C8F 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113ccd6bf42f35f6c241c787f3cd495f08e7c196795dab8cc8410c5c62f0dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11815
x-xss-protection
0
container.html
b40a28542c4939b02b78e4ac2810c1d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB06 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b40a28542c4939b02b78e4ac2810c1d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:38 GMT
expires
Fri, 06 Sep 2024 17:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame A5CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPueIpcdkVc62GFOPQEPMyc&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPueIpcdkVc62GFOPQEPMyc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhjMkuLuATAB&v=APEucNV8SRc4FFHuQPQREHMnfik-qZRC5auulj65oYuA1HOPednDOaAgyIEOMiEqNJFFPMqc6fetWZUEDbl_9KYq4zGkrUhObPLO_SWTHIoO1COi3VcNVJjOW44FdiMqx59PUx1Rqmbv_Dh-vc1UFgQzmsXQ24_uXbWs_tML_7eQqweETHzigRacK9VupSGQUkU9dk63LPHP8PlnFaj55HKqliCpoi6Qew
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPueIpcdkVc62GFOPQEPMyc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A5CF 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhjMkuLuATAB&v=APEucNV8SRc4FFHuQPQREHMnfik-qZRC5auulj65oYuA1HOPednDOaAgyIEOMiEqNJFFPMqc6fetWZUEDbl_9KYq4zGkrUhObPLO_SWTHIoO1COi3VcNVJjOW44FdiMqx59PUx1Rqmbv_Dh-vc1UFgQzmsXQ24_uXbWs_tML_7eQqweETHzigRacK9VupSGQUkU9dk63LPHP8PlnFaj55HKqliCpoi6Qew
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A5CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAyNDSt4aU2tFdhGkQAWaEw&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAyNDSt4aU2tFdhGkQAWaEw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhjMkuLuATAB&v=APEucNV8SRc4FFHuQPQREHMnfik-qZRC5auulj65oYuA1HOPednDOaAgyIEOMiEqNJFFPMqc6fetWZUEDbl_9KYq4zGkrUhObPLO_SWTHIoO1COi3VcNVJjOW44FdiMqx59PUx1Rqmbv_Dh-vc1UFgQzmsXQ24_uXbWs_tML_7eQqweETHzigRacK9VupSGQUkU9dk63LPHP8PlnFaj55HKqliCpoi6Qew
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Thu, 07 Sep 2023 17:11:38 GMT
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEAyNDSt4aU2tFdhGkQAWaEw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame A5CF 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COCGGxCf4vnEAhjMkuLuATAB&v=APEucNV8SRc4FFHuQPQREHMnfik-qZRC5auulj65oYuA1HOPednDOaAgyIEOMiEqNJFFPMqc6fetWZUEDbl_9KYq4zGkrUhObPLO_SWTHIoO1COi3VcNVJjOW44FdiMqx59PUx1Rqmbv_Dh-vc1UFgQzmsXQ24_uXbWs_tML_7eQqweETHzigRacK9VupSGQUkU9dk63LPHP8PlnFaj55HKqliCpoi6Qew
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Thu, 07 Sep 2023 17:11:38 GMT
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 07 Sep 2023 17:11:38 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
9855
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1694106698.013077,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
71
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5303
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/ Frame C5BB 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d592777a6d54b69a8e48ad9ef2b7abeb4c3fec5e8d88935956423d3dc8f069b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 08:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
30459
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
5804524590501581973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Sep 2024 08:43:59 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame B259 		210 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b7bc15813e088b628c6c0c0bc9b82384c32450a318bd6d64c591d2640c02ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
197
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2F4F 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8425f97b69cdda2d3d9321085698fbd7978d9c8e75371aa42f9eb4dfdfbee231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12543
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 063E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3838939496465&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 063E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3838939496465&version=m202307240101&ct=76&x=1&cor=10294665872422564000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 063E 		78 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BekUWxhhryzrC7nAK5YrkB4gLsiHM--KRC2a6ARL0IiyXeoTMN59BUtcQdvTd_3PK4sn6wfLPPSseG6yONdokLvZYI3w&cry=1&dbm_d=AKAmf-DE2K1I1H0Wz5C9vPoKzxeCIBVJPlPBhoyAaTCvOuwO40JTVqXVE1B9NrlZT-r5C_i2A6DDTiIt1vUy0_5wLvebHWwHFEROzRvFX17y5WIVZ6cPiyk6a2Gbha0hqSPz2mr-pEbYsf_z7fRjogstgvtoXJmPNL2VZed2N18-vWAUy3ShR-KSBv7wkJfiXNmyWVwlIOy_0sIIQPLhbavIAatNbyGpVC1lZdigyYS023Eq2D-bWmvHT0BKkopGeCMXohMMTt7vQIqSJeepu83G42WbFDx8D0GtCcHO0jOBgn78Rj9eXaJUM-mN7XkVp-9PzYLVHnRqrJsRFtWQCcXMKeFmJqaABaneukOLFruPT8ofb8E1OS1BZJxvJUuHHaILDryDGe-9GjXKueHhq45J3U6q_aTgLooEFwQNqtTaCZowPT5CFqdhVC0YgI_kWVSjwr0AskEss0IyupjPlyh6yzBtA2E5ll_abQ4lyzf3kXAkAuj4bjjy7nGzMkvBmAFMWlf9skCxTtk0zByb_f9MjREzny410BkrO_0lbkCWNdkh4HoCOn9eqN4vocswjdf2aFZq3PZn-nm432eiPa6owKaub3ROZJcWi_FgCFZWMsVwgNsQnVtYYFIlo0pnVBR_hl7kTkPOAKZfwikNn4r_GipQdB-yr1S8YgCDcpZx74aFXWZ6TrHJ4qaHfzjZ9_cTkmODqZBeiwf_VFCiZqmMAJrhPsMejjBuHXwoF6CXr5R4vVF1NSZjo6WWhJna_-4_Nf6uCiP7ClqzI2y9oBMHiwsS1q6Eu4eQcD55RjglS3U4L9iQiA4Sycahtn1-IpdfKIL8cRYNtQQhPvru_4ZD6qENBgSrVw2nfTPMHt2EggPzgNrkbuPpMSRJZTGsyEuBK83da2qh7U-VuHaa8pkEwnW2zQhC8ZUu-nkFuwasxpmlNU4Xf1hCL2BmK-Khb0Rat5JBeutFAyS4oLKEZN-9Gh1SXbSVQTX--H2osBxzMYB8htj3nuZ1h23kC_s472pJ_wMQUqF0bU8T-yxECbskIYnqh6BUZ7PJX-6jO2LDDieWMysd0Pr1YISt1jiOqQ2SjguVOEgzOBigzoYZvxEzcZD76flvF3AS082WgyXbJ6-P72wGrOrI76it6I-VZRhvhmeil-Z-fo0SjF_QKYrBAhC9K1qcA4FnQknBRGwFp3ZU0Tu6IYVF278pAmK_nsekBLDcSkRKSksOyTG8HNl1CDJeNGcUEcuqkhIUhYFYPOgs27Zmkn16MpfuI_-THSe3fj4B1iSyIyhhs9c5sGxXO2FcPFkUsMZRzGfVkysnSHQAFbEr8RlFz3W7aoE_vQ1WcNQaWVWQuR-vnqzwt0UXd1JCohepcxZbDdjis9E9VcpWTZBKjRO2G8j-HKwwGntUi4btflRUiGiR-AlSLa3frixalItHTS7VTxiN1RGL9CIq-9PvX2OUeUPBZVdY3j-F-0dh52nS204trdgx0OXNth_tRG19tnWzBl5WfG2Oc0zt9to8mLepzdh5JOPDq1V3mwPrO9O4oxweFjQht10G6kQgtE3JnRVf73wSKYMEwpqap-6m-u2pTvo09FZOBgXohGb8EzVh7nVLzb7Fze8iDsLgeq0MsZ5_YbGPvKmWE-RWpbfEBJLRA23oKuxHDBB0wyyO46GFHjzhpnhom2OacGM4RkxT1DJNRzF7Kr6ePlEYeKLU76-WDWXOgvU-2DG-COFiMrYU0K8ucg36B4QuXisIC8qJtlS6z96UCMkSCC4_62krVgbNe0tj-lIVNEW7AfkSNBBH6Y2A67ntT5CHoip8pO1F3fFts4N1MlcAIp4ixP7dkARJMVNHLeq9nlGzjNR4zt_v-IubGxwEHO-wMziVqcTUpq2wo3i-8ASFONxfpZRgF1id2HsUzXVczOxNsXQvOKys-o0qUwhL7mXFDW8AQJQKb3PYbaz1jYxJmPx5YRz_JtcyJlBzmlhCGWtV-LnCoz7P8rJoid2aSXhRbF6kvGEp0_IG1aUE-vMJa73OoCgNYt0H5qQh1R_5xYwT0D6FOrEBosa1-r6zyfjN0AKBKO_E3osV5jmgcrH-7Lasav3Bh8v-aoaZjka5slPaaDTuMVNM23__QWu3v9VvJe_q1ivJmA8YgqxFh6RP3RGZrfjnFq406gEdDInuyjedPMR21y8Ptf15XKqiudlEvYs9icUNXUgLBGgmmPGb7L9Tl_mCPk_ZbYZzsA9XPUnNNW17o2e0JP5kjBRdA_DI4m4RBYkXv2dknFnHo_G_FMd0oy910YzBLbGlnWdlq0Z25L9Du1slGRAtLkejq9CRUBERhWc79jNcQ4zQoJgBo8HoRNcXkpybiY6I91tEfMJu03_DepNmjFFn9D9hRn33S31X2xabDgtd57RvnKysNkKvc89aTKGs7vRPWHyPwoBzauQM9aQPNIw7GELIk_Dlm0kVQbCn9hmR76TbNJeyFhpgJ2zVHKQx4sOUK_7omWuAKCkKOZXASSQvNFkp6TGJJnlBQtDai9GA67xST-HELiF6p9LgUEUvyj13pP9CllLcTpVjaXv9pA1gT2F2hDNwUJZdDmQ6ATxlYKcTT406kp2xdJXNCmX1bKwbmkrTU5uifhK9rHzzuaF6RQbcBzVFojVUZnAEke71xkTOrRyIBcv4qaUIcjJ1WrcnPCwvwIo4sooTTCVjCqAPHlR5M2LHX3-tCrsm24MWEOEic_CNVhub1rAYMH8irKD5oqvjMfnPLBt8lwa54gBGb9_tAlV1bhj2C_Rnro3PERTPObJBS01VY1Dc_YZcsg4NUHfWm3j3Is3gyLGa8gjI6Aj53JSOUkCzN44FiflkYMpNny49JX2xyQrAWmLI3zaTlLWt4PnfNRnRTGBBz3sLx64BoFZ3_quL5OFyzuMwiRTvm9ea6SHwu-tOa6hmvJENloQVD0nN4D54maaZDbDg6mkVziprxzG9hhwuN_VpmCjsSu6gWgWoKudivI1I0bjW_0Ral9IAk5jHqn30x6vj7lbz-9IKt3-VMyFo3Ku2ShkolJNUa0xAdrIOnb9F4aJy5X3HHeeOeaNy5XEszj7bMgbjL4r-s510hP7KOp2STpUssl_oAn4W-DKjizJp6GPpJe_fhtzR1n3xUXetBjswwQip-xtz7MXfxKNv0CrkQEB1gHwlT_yN1uuZbDnLUgFbXWXkkvXjkmYy9H0ItqEMzp8sNnKOR-YjdHoD4DmlylWKEgMi3112Gc1ml8gUoCKdTXbmfRTOSQT99mNRVi8GqprH9Kad2NkngHZZN-LbudAKIdZKtKw1OeWhweF6xVr2CD8SJfAvh8p_LwP4wdo61TKK7GQcwXAWv82q9hVxZZy0RjVIonqgoCzLU4F5t89hBR8tekeU0JeOY569Rh4QN-mTxR7gvJ31phzAR0IBApnKsfnha79iIvinuBfjT7kneVlB7i8_WxYf10DvOKIaDJ6r7Ur-z6R9YpRQuq65hU2a_gI0cNg5nc8EoAO-gVnsDH8g9NrZ8AxDEBX3kyarHMKcY31vjMfpPSNzrnfIaiEX_MmtjLnlRdGHP0Y&cid=CAQSPABpAlJWZH0YjzTLSKfbNrGfkvJFDTFJ7O0liHe3ISI4_ogCZ5sgKq9PLIvg7RY-HXA1byL7D7mEh0j-ChgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=10294665872422564000&adk=2265872549&idt=77&cac=0&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2df9d32f2fc3b888ee63fb28fa4066fa1f20cd00ed296527836200ff83f9b7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36815
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4C8F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 17:11:38 GMT
container.html
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA46 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:36 GMT
expires
Fri, 06 Sep 2024 17:11:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:b25:850e:c423:61a4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
script.js
d2849lw36e7cot.cloudfront.net/ Frame B4E7 		126 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2849lw36e7cot.cloudfront.net/script.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1400:19:ba84:7f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b7c14232b20cad413f063c9830b7700b9cc18f80b72cac58e7537d2576c3376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
OAzzVnj7CYAcd5cgjp5OlMDWiiTJSS9v
content-encoding
gzip
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
date
Thu, 07 Sep 2023 17:03:43 GMT
last-modified
Thu, 07 Sep 2023 16:29:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
476
x-amz-server-side-encryption
AES256
etag
W/"4f0f666e882ef190faa8562e6203faf0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
J383X-ZCik_N8qa4LX6qmTW-tKu8VIx4EdktFSVnuuamW9OUBt6EOQ==
17923302-ea49-4f72-939d-2d6268ae1b97
a1114.casalemedia.com/impression/v2/693656/111/cjt08i5aab7ta58qus10/ Frame B4E7 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1114.casalemedia.com/impression/v2/693656/111/cjt08i5aab7ta58qus10/17923302-ea49-4f72-939d-2d6268ae1b97?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1694107297&profileIDs=&creativeID=28d86a5&pubID=189372&format=banner&channel=site
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.45 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:38 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
/
track.adform.net/adfscript/ Frame B4E7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=67239502;rtbwp=ZPoESQAAAAA19kpNc_cfm-SJ_jc6VWnJTd9OMw;rtbdata=xBfg_STlYgJhKvCouDY6wWMSrAGDkUclh5KFgSjFbN3WcrgwG6P2zTBuS21ffYgDqOTVC03hI_qZZH8nIeIWSPVW82MN7Zs6o5nGqfv2HrVI1fPuTs7DOGro13GqTpuXaTDbwrDTJ7nDM8p81EzY4L0YwHBrJXRBHEyJKBdPm2VdJLbu-J0XsRfnwn8PXSowxHU2WZclDNKQcrRkc6idGpukrpgOrEY1Mxdgt8C1-QE2kI5-7Q1yNlKOWOb-d961LT9NwOdtiFXAh9dL5n6_CR4W-16Be36rBZLwYsja3OLII3PM3OkJpTZ70UK--H0IX6CoDkvzFHymYorq8wYIOtN5avUY3xrh0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7643b6b4cac22f5ddc161df654e52fd6cc9c0c4347430c4d2f3bd0bd9448f8ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
934
expires
-1
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:b25:850e:c423:61a4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS90YWktZ3VvLXhpYW4tcm91LXpoZW5nLWhhbmcteWktbmlhbi1zaGVuZy0yLWppYW4tbWlhbi1odWktamlhLWthaS1hbi1rZS1jaGFuZy5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtYWEzYWJlNDItMWYxYi00MGVlLWIyMzMtYzZkMTljYmM5MGJmIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDA3MDAwMDAwMDAwMDAwMDAxLCJyZXNwb25zZVRpbWUiOjE4NSwibmV0d29ya1JlbGF0aW9uIjoxfV0sIm1vZGUiOjEsImVycm9yQ29kZSI6MSwid2lubmVyIjoiaXgiLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDA3MDAwMDAwMDAwMDAwMDAxLCJ3aW5uZXJBZFVuaXRJZCI6Ijc3MWYyOGRmMzljN2EwNCIsInRpbWVkT3V0QmlkZGVycyI6W10sInNlcnZpY2VzIjpbMSwzXSwic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlZnJlc2hDb3VudCI6MCwicGxhY2VtZW50IjoxLCJyZW5kZXJlZEFkU2l6ZSI6IjI1MHgyNTAiLCJwcmViaWRBdWN0aW9uSWQiOiJjZmFhMDMwNy00Y2JkLTRlMDktOTgzNC1jMTVhMmQwODg0YmEiLCJoZWFkZXJCaWRkaW5nVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3190.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8CCC 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYo4KW8wEwAQ&v=APEucNX8PBnG-lYpOsTNMDqVgIRcRIky771CdMow325yHjYvAsqqy1sr2uW5sp-9evBHgc9f2jz0mkD3iZdI1i53zoVEdpXfALs4tsHLy6d9rezAY6Tqb26AVdMjQcquUAnMs3FOhDIXkqiSO4V9Y2HcbpAkUNcRrWOGxF38soGBARoTfdhN198
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 287E 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 287E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 287E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
l
www.google.com/ads/measurement/ Frame 287E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSt9PcGtL2BN9ZEz9Q6FXp1Fl_xorycPk-HTwvC8jPZXmvFPoZ_L5T2aFFv8p-qyR4teuWURBIS6q_bOcnyWgShwtp2iA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 287E 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 287E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6fY3N6g2jc7g0npvq29CB1IDhyai_Vp7g1fKpq3Ygk1SraE295VlypfWF8DmJrtJ9L0M_maoQ4fztqjL0uAmQS2PbeQSgABTfAUgA1fGuMxfC1FI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 287E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16276339330048704771&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C5BB 		491 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=343052364237571&correlator=3667250931255437&eid=31077365%2C31077650%2C31077596&output=ldjh&gdfp_req=1&vrg=202308240102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694106698233&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=7479l13h6m5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qMDBX0CkWlWLC-5UejyKFH8e3lZqXa5TcNH_nbpW_JqcvZHQA2J2VW7SjjKFDt83DyHYTHlu51cZoDBPZLZekaJkhuM8qdnWHBz10k_5MxBtyaglbM7wkR_nXAZX3XGUrQnSpIN6Lw5KoS46z4PGSDqPt-GWRSDHJliRaseQJpDSFkJ0JKcklw&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2014609302.1694106698&ga_sid=1694106698&ga_hid=603513159&ga_fc=false&dlt=1694106697856&idt=282&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f698d0a11fcf4c8398d8b0c425446c14de10a97c2e99cba1381f9c7a3bc8b8df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C5BB 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fe093e5a1fa540945afb6484cf6170dda2317795ce1816259932e997cad04da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11720
x-xss-protection
0
container.html
ab455e95bb02dacce0be4879e4650ae1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D615 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ab455e95bb02dacce0be4879e4650ae1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:38 GMT
expires
Fri, 06 Sep 2024 17:11:38 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 063E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BekUWxhhryzrC7nAK5YrkB4gLsiHM--KRC2a6ARL0IiyXeoTMN59BUtcQdvTd_3PK4sn6wfLPPSseG6yONdokLvZYI3w&cry=1&dbm_d=AKAmf-DE2K1I1H0Wz5C9vPoKzxeCIBVJPlPBhoyAaTCvOuwO40JTVqXVE1B9NrlZT-r5C_i2A6DDTiIt1vUy0_5wLvebHWwHFEROzRvFX17y5WIVZ6cPiyk6a2Gbha0hqSPz2mr-pEbYsf_z7fRjogstgvtoXJmPNL2VZed2N18-vWAUy3ShR-KSBv7wkJfiXNmyWVwlIOy_0sIIQPLhbavIAatNbyGpVC1lZdigyYS023Eq2D-bWmvHT0BKkopGeCMXohMMTt7vQIqSJeepu83G42WbFDx8D0GtCcHO0jOBgn78Rj9eXaJUM-mN7XkVp-9PzYLVHnRqrJsRFtWQCcXMKeFmJqaABaneukOLFruPT8ofb8E1OS1BZJxvJUuHHaILDryDGe-9GjXKueHhq45J3U6q_aTgLooEFwQNqtTaCZowPT5CFqdhVC0YgI_kWVSjwr0AskEss0IyupjPlyh6yzBtA2E5ll_abQ4lyzf3kXAkAuj4bjjy7nGzMkvBmAFMWlf9skCxTtk0zByb_f9MjREzny410BkrO_0lbkCWNdkh4HoCOn9eqN4vocswjdf2aFZq3PZn-nm432eiPa6owKaub3ROZJcWi_FgCFZWMsVwgNsQnVtYYFIlo0pnVBR_hl7kTkPOAKZfwikNn4r_GipQdB-yr1S8YgCDcpZx74aFXWZ6TrHJ4qaHfzjZ9_cTkmODqZBeiwf_VFCiZqmMAJrhPsMejjBuHXwoF6CXr5R4vVF1NSZjo6WWhJna_-4_Nf6uCiP7ClqzI2y9oBMHiwsS1q6Eu4eQcD55RjglS3U4L9iQiA4Sycahtn1-IpdfKIL8cRYNtQQhPvru_4ZD6qENBgSrVw2nfTPMHt2EggPzgNrkbuPpMSRJZTGsyEuBK83da2qh7U-VuHaa8pkEwnW2zQhC8ZUu-nkFuwasxpmlNU4Xf1hCL2BmK-Khb0Rat5JBeutFAyS4oLKEZN-9Gh1SXbSVQTX--H2osBxzMYB8htj3nuZ1h23kC_s472pJ_wMQUqF0bU8T-yxECbskIYnqh6BUZ7PJX-6jO2LDDieWMysd0Pr1YISt1jiOqQ2SjguVOEgzOBigzoYZvxEzcZD76flvF3AS082WgyXbJ6-P72wGrOrI76it6I-VZRhvhmeil-Z-fo0SjF_QKYrBAhC9K1qcA4FnQknBRGwFp3ZU0Tu6IYVF278pAmK_nsekBLDcSkRKSksOyTG8HNl1CDJeNGcUEcuqkhIUhYFYPOgs27Zmkn16MpfuI_-THSe3fj4B1iSyIyhhs9c5sGxXO2FcPFkUsMZRzGfVkysnSHQAFbEr8RlFz3W7aoE_vQ1WcNQaWVWQuR-vnqzwt0UXd1JCohepcxZbDdjis9E9VcpWTZBKjRO2G8j-HKwwGntUi4btflRUiGiR-AlSLa3frixalItHTS7VTxiN1RGL9CIq-9PvX2OUeUPBZVdY3j-F-0dh52nS204trdgx0OXNth_tRG19tnWzBl5WfG2Oc0zt9to8mLepzdh5JOPDq1V3mwPrO9O4oxweFjQht10G6kQgtE3JnRVf73wSKYMEwpqap-6m-u2pTvo09FZOBgXohGb8EzVh7nVLzb7Fze8iDsLgeq0MsZ5_YbGPvKmWE-RWpbfEBJLRA23oKuxHDBB0wyyO46GFHjzhpnhom2OacGM4RkxT1DJNRzF7Kr6ePlEYeKLU76-WDWXOgvU-2DG-COFiMrYU0K8ucg36B4QuXisIC8qJtlS6z96UCMkSCC4_62krVgbNe0tj-lIVNEW7AfkSNBBH6Y2A67ntT5CHoip8pO1F3fFts4N1MlcAIp4ixP7dkARJMVNHLeq9nlGzjNR4zt_v-IubGxwEHO-wMziVqcTUpq2wo3i-8ASFONxfpZRgF1id2HsUzXVczOxNsXQvOKys-o0qUwhL7mXFDW8AQJQKb3PYbaz1jYxJmPx5YRz_JtcyJlBzmlhCGWtV-LnCoz7P8rJoid2aSXhRbF6kvGEp0_IG1aUE-vMJa73OoCgNYt0H5qQh1R_5xYwT0D6FOrEBosa1-r6zyfjN0AKBKO_E3osV5jmgcrH-7Lasav3Bh8v-aoaZjka5slPaaDTuMVNM23__QWu3v9VvJe_q1ivJmA8YgqxFh6RP3RGZrfjnFq406gEdDInuyjedPMR21y8Ptf15XKqiudlEvYs9icUNXUgLBGgmmPGb7L9Tl_mCPk_ZbYZzsA9XPUnNNW17o2e0JP5kjBRdA_DI4m4RBYkXv2dknFnHo_G_FMd0oy910YzBLbGlnWdlq0Z25L9Du1slGRAtLkejq9CRUBERhWc79jNcQ4zQoJgBo8HoRNcXkpybiY6I91tEfMJu03_DepNmjFFn9D9hRn33S31X2xabDgtd57RvnKysNkKvc89aTKGs7vRPWHyPwoBzauQM9aQPNIw7GELIk_Dlm0kVQbCn9hmR76TbNJeyFhpgJ2zVHKQx4sOUK_7omWuAKCkKOZXASSQvNFkp6TGJJnlBQtDai9GA67xST-HELiF6p9LgUEUvyj13pP9CllLcTpVjaXv9pA1gT2F2hDNwUJZdDmQ6ATxlYKcTT406kp2xdJXNCmX1bKwbmkrTU5uifhK9rHzzuaF6RQbcBzVFojVUZnAEke71xkTOrRyIBcv4qaUIcjJ1WrcnPCwvwIo4sooTTCVjCqAPHlR5M2LHX3-tCrsm24MWEOEic_CNVhub1rAYMH8irKD5oqvjMfnPLBt8lwa54gBGb9_tAlV1bhj2C_Rnro3PERTPObJBS01VY1Dc_YZcsg4NUHfWm3j3Is3gyLGa8gjI6Aj53JSOUkCzN44FiflkYMpNny49JX2xyQrAWmLI3zaTlLWt4PnfNRnRTGBBz3sLx64BoFZ3_quL5OFyzuMwiRTvm9ea6SHwu-tOa6hmvJENloQVD0nN4D54maaZDbDg6mkVziprxzG9hhwuN_VpmCjsSu6gWgWoKudivI1I0bjW_0Ral9IAk5jHqn30x6vj7lbz-9IKt3-VMyFo3Ku2ShkolJNUa0xAdrIOnb9F4aJy5X3HHeeOeaNy5XEszj7bMgbjL4r-s510hP7KOp2STpUssl_oAn4W-DKjizJp6GPpJe_fhtzR1n3xUXetBjswwQip-xtz7MXfxKNv0CrkQEB1gHwlT_yN1uuZbDnLUgFbXWXkkvXjkmYy9H0ItqEMzp8sNnKOR-YjdHoD4DmlylWKEgMi3112Gc1ml8gUoCKdTXbmfRTOSQT99mNRVi8GqprH9Kad2NkngHZZN-LbudAKIdZKtKw1OeWhweF6xVr2CD8SJfAvh8p_LwP4wdo61TKK7GQcwXAWv82q9hVxZZy0RjVIonqgoCzLU4F5t89hBR8tekeU0JeOY569Rh4QN-mTxR7gvJ31phzAR0IBApnKsfnha79iIvinuBfjT7kneVlB7i8_WxYf10DvOKIaDJ6r7Ur-z6R9YpRQuq65hU2a_gI0cNg5nc8EoAO-gVnsDH8g9NrZ8AxDEBX3kyarHMKcY31vjMfpPSNzrnfIaiEX_MmtjLnlRdGHP0Y&cid=CAQSPABpAlJWZH0YjzTLSKfbNrGfkvJFDTFJ7O0liHe3ISI4_ogCZ5sgKq9PLIvg7RY-HXA1byL7D7mEh0j-ChgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=10294665872422564000&adk=2265872549&idt=77&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
10798
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:11:40 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 063E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BekUWxhhryzrC7nAK5YrkB4gLsiHM--KRC2a6ARL0IiyXeoTMN59BUtcQdvTd_3PK4sn6wfLPPSseG6yONdokLvZYI3w&cry=1&dbm_d=AKAmf-DE2K1I1H0Wz5C9vPoKzxeCIBVJPlPBhoyAaTCvOuwO40JTVqXVE1B9NrlZT-r5C_i2A6DDTiIt1vUy0_5wLvebHWwHFEROzRvFX17y5WIVZ6cPiyk6a2Gbha0hqSPz2mr-pEbYsf_z7fRjogstgvtoXJmPNL2VZed2N18-vWAUy3ShR-KSBv7wkJfiXNmyWVwlIOy_0sIIQPLhbavIAatNbyGpVC1lZdigyYS023Eq2D-bWmvHT0BKkopGeCMXohMMTt7vQIqSJeepu83G42WbFDx8D0GtCcHO0jOBgn78Rj9eXaJUM-mN7XkVp-9PzYLVHnRqrJsRFtWQCcXMKeFmJqaABaneukOLFruPT8ofb8E1OS1BZJxvJUuHHaILDryDGe-9GjXKueHhq45J3U6q_aTgLooEFwQNqtTaCZowPT5CFqdhVC0YgI_kWVSjwr0AskEss0IyupjPlyh6yzBtA2E5ll_abQ4lyzf3kXAkAuj4bjjy7nGzMkvBmAFMWlf9skCxTtk0zByb_f9MjREzny410BkrO_0lbkCWNdkh4HoCOn9eqN4vocswjdf2aFZq3PZn-nm432eiPa6owKaub3ROZJcWi_FgCFZWMsVwgNsQnVtYYFIlo0pnVBR_hl7kTkPOAKZfwikNn4r_GipQdB-yr1S8YgCDcpZx74aFXWZ6TrHJ4qaHfzjZ9_cTkmODqZBeiwf_VFCiZqmMAJrhPsMejjBuHXwoF6CXr5R4vVF1NSZjo6WWhJna_-4_Nf6uCiP7ClqzI2y9oBMHiwsS1q6Eu4eQcD55RjglS3U4L9iQiA4Sycahtn1-IpdfKIL8cRYNtQQhPvru_4ZD6qENBgSrVw2nfTPMHt2EggPzgNrkbuPpMSRJZTGsyEuBK83da2qh7U-VuHaa8pkEwnW2zQhC8ZUu-nkFuwasxpmlNU4Xf1hCL2BmK-Khb0Rat5JBeutFAyS4oLKEZN-9Gh1SXbSVQTX--H2osBxzMYB8htj3nuZ1h23kC_s472pJ_wMQUqF0bU8T-yxECbskIYnqh6BUZ7PJX-6jO2LDDieWMysd0Pr1YISt1jiOqQ2SjguVOEgzOBigzoYZvxEzcZD76flvF3AS082WgyXbJ6-P72wGrOrI76it6I-VZRhvhmeil-Z-fo0SjF_QKYrBAhC9K1qcA4FnQknBRGwFp3ZU0Tu6IYVF278pAmK_nsekBLDcSkRKSksOyTG8HNl1CDJeNGcUEcuqkhIUhYFYPOgs27Zmkn16MpfuI_-THSe3fj4B1iSyIyhhs9c5sGxXO2FcPFkUsMZRzGfVkysnSHQAFbEr8RlFz3W7aoE_vQ1WcNQaWVWQuR-vnqzwt0UXd1JCohepcxZbDdjis9E9VcpWTZBKjRO2G8j-HKwwGntUi4btflRUiGiR-AlSLa3frixalItHTS7VTxiN1RGL9CIq-9PvX2OUeUPBZVdY3j-F-0dh52nS204trdgx0OXNth_tRG19tnWzBl5WfG2Oc0zt9to8mLepzdh5JOPDq1V3mwPrO9O4oxweFjQht10G6kQgtE3JnRVf73wSKYMEwpqap-6m-u2pTvo09FZOBgXohGb8EzVh7nVLzb7Fze8iDsLgeq0MsZ5_YbGPvKmWE-RWpbfEBJLRA23oKuxHDBB0wyyO46GFHjzhpnhom2OacGM4RkxT1DJNRzF7Kr6ePlEYeKLU76-WDWXOgvU-2DG-COFiMrYU0K8ucg36B4QuXisIC8qJtlS6z96UCMkSCC4_62krVgbNe0tj-lIVNEW7AfkSNBBH6Y2A67ntT5CHoip8pO1F3fFts4N1MlcAIp4ixP7dkARJMVNHLeq9nlGzjNR4zt_v-IubGxwEHO-wMziVqcTUpq2wo3i-8ASFONxfpZRgF1id2HsUzXVczOxNsXQvOKys-o0qUwhL7mXFDW8AQJQKb3PYbaz1jYxJmPx5YRz_JtcyJlBzmlhCGWtV-LnCoz7P8rJoid2aSXhRbF6kvGEp0_IG1aUE-vMJa73OoCgNYt0H5qQh1R_5xYwT0D6FOrEBosa1-r6zyfjN0AKBKO_E3osV5jmgcrH-7Lasav3Bh8v-aoaZjka5slPaaDTuMVNM23__QWu3v9VvJe_q1ivJmA8YgqxFh6RP3RGZrfjnFq406gEdDInuyjedPMR21y8Ptf15XKqiudlEvYs9icUNXUgLBGgmmPGb7L9Tl_mCPk_ZbYZzsA9XPUnNNW17o2e0JP5kjBRdA_DI4m4RBYkXv2dknFnHo_G_FMd0oy910YzBLbGlnWdlq0Z25L9Du1slGRAtLkejq9CRUBERhWc79jNcQ4zQoJgBo8HoRNcXkpybiY6I91tEfMJu03_DepNmjFFn9D9hRn33S31X2xabDgtd57RvnKysNkKvc89aTKGs7vRPWHyPwoBzauQM9aQPNIw7GELIk_Dlm0kVQbCn9hmR76TbNJeyFhpgJ2zVHKQx4sOUK_7omWuAKCkKOZXASSQvNFkp6TGJJnlBQtDai9GA67xST-HELiF6p9LgUEUvyj13pP9CllLcTpVjaXv9pA1gT2F2hDNwUJZdDmQ6ATxlYKcTT406kp2xdJXNCmX1bKwbmkrTU5uifhK9rHzzuaF6RQbcBzVFojVUZnAEke71xkTOrRyIBcv4qaUIcjJ1WrcnPCwvwIo4sooTTCVjCqAPHlR5M2LHX3-tCrsm24MWEOEic_CNVhub1rAYMH8irKD5oqvjMfnPLBt8lwa54gBGb9_tAlV1bhj2C_Rnro3PERTPObJBS01VY1Dc_YZcsg4NUHfWm3j3Is3gyLGa8gjI6Aj53JSOUkCzN44FiflkYMpNny49JX2xyQrAWmLI3zaTlLWt4PnfNRnRTGBBz3sLx64BoFZ3_quL5OFyzuMwiRTvm9ea6SHwu-tOa6hmvJENloQVD0nN4D54maaZDbDg6mkVziprxzG9hhwuN_VpmCjsSu6gWgWoKudivI1I0bjW_0Ral9IAk5jHqn30x6vj7lbz-9IKt3-VMyFo3Ku2ShkolJNUa0xAdrIOnb9F4aJy5X3HHeeOeaNy5XEszj7bMgbjL4r-s510hP7KOp2STpUssl_oAn4W-DKjizJp6GPpJe_fhtzR1n3xUXetBjswwQip-xtz7MXfxKNv0CrkQEB1gHwlT_yN1uuZbDnLUgFbXWXkkvXjkmYy9H0ItqEMzp8sNnKOR-YjdHoD4DmlylWKEgMi3112Gc1ml8gUoCKdTXbmfRTOSQT99mNRVi8GqprH9Kad2NkngHZZN-LbudAKIdZKtKw1OeWhweF6xVr2CD8SJfAvh8p_LwP4wdo61TKK7GQcwXAWv82q9hVxZZy0RjVIonqgoCzLU4F5t89hBR8tekeU0JeOY569Rh4QN-mTxR7gvJ31phzAR0IBApnKsfnha79iIvinuBfjT7kneVlB7i8_WxYf10DvOKIaDJ6r7Ur-z6R9YpRQuq65hU2a_gI0cNg5nc8EoAO-gVnsDH8g9NrZ8AxDEBX3kyarHMKcY31vjMfpPSNzrnfIaiEX_MmtjLnlRdGHP0Y&cid=CAQSPABpAlJWZH0YjzTLSKfbNrGfkvJFDTFJ7O0liHe3ISI4_ogCZ5sgKq9PLIvg7RY-HXA1byL7D7mEh0j-ChgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=10294665872422564000&adk=2265872549&idt=77&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:13:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
10708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:13:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 063E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswzU7kBUhlZgDp3fwH0X4bx2l-xnMx1I3GVOshic2yPI10339KTmY7oyJm9udxtTVNtCfqtXifi8izfqaFp9wTX66MSCZDvJUbZ7BUE5gQdcyE8cEMM9KC9F-TZWjhxdPqcDBkR95AESXbUczBO50TWyLVRPiczbYs0pwDG668O_RyfSJYdBBkWk6ZvFEx9pCuGVXi-w34BpWeOuXl0VIHeMM0LvS7TpMRCeM4jyKcSqQJ5utzH064qVtn37fCnI8G_jAsZXE1Bmk5OOqHCcak9vftqwOo2Ri3_NLmdqbyWRn_yL3ke-OF8yDy2HxxVHqnlkqWh9eKPiRC8XUq2ZEcEAL4C5V1qgyVkyInBM_YxWllwr6VljxU-xS817R89z9hJVmbcW6BpGEKEwIwW1MCwVNzD8OacSmnW2fQ4lmYHRYsXbYIcVx46CtWEzOMqvDbkl8pTlvDL4sdjM0XYvHnvHxDIOYY8Otfep8rPl0dh3ZVnyHva9pFGxYWsi1e3w-JTNgdviizHpQ_yQqf4CrYrXFE1K3Ds6E__hC-_AuYhyxWUXhsR8OpN7LTspmKDC1CZpjcuVuFXl5sb2RBai1vFwPghuSO5Px24-RUfGbNSL711YIKkRX42X9fm9u45MiffUsdicLCbDqpzouVj4zUTRbc_C7mRYpQNrlzAnaHH8N__7Yu62_3xdG5psi-GuXfNeLWvCnLlNMA0QjXCGYrBQ-K6SNHd1LETYgNzB2UWz3KdGuZJ59HzG5Wo7h3FjKVeLkg9pyDFzgUrM2oa2UxUFYhARLRoufdqjCRwJ8c4y0ScAaEzx1IsGENAkpSjXpvALZUdbBtTDLlY6N4XDEuI6UidIrs16tbfjXDEaCIg3y-aHvMoOKN3TzgY9Zd7hFL9u8V-p5sR58hu9QPwrQZrdmMnEN4EICcfhnyjhT9gCMVvakGuZdrmw7uDt-i74BVIscdQH5OpomH_PYHHkqfcYAI23oM-STeAijoz_tsoKoo4B42_NrdPbI_iV77GmdykvJ9-0E0CII33380BoTznlmzU8ZucFaKra4i7bcpSBWj_ZVKgSGi6vdFTgxBNrr7K_rWuGB6YfL_P_4Jx_yuRpFQXIEr2LUzrArhVZce_xqQd9BAoDtAx3Xdva0BA_wp9SQy6_JMQsTLbnA8cjlmYdOjgLi9bMn7kFUvKZZWKoLi2n9hE0RJlL3Xyabqfp5RkjKq_TBRo2L4NyWatBaXki0CCEmq-C54ogZD0spSju6OYxx-Ndo7JlAwrNbSkRwI97k&sai=AMfl-YTxtKGc3ODZkL9wOF8FUeTSqlnA9zSw6V5qpdr7fcP883jopkGcmZReZ9TG0AWY3eOb0IBHXcpTE3sW3WrWnPu3Ji3BO8tODt2ukCgUVWVBINoNzFxe5F3sAQIewugpyvVtmQXH6g16PYGLNYvBnAi4gU7s4xSth7ik7fxyilER_aMToCoofTpxRtsRryga3bFQxp80n_WnWBwVDc8nmwXSs5qaLY16FvKI4hIIHLKFeLGlcgKRRu-aniahjhNExfs45gY&sig=Cg0ArKJSzJUhH7pugrT_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230906.55963&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BekUWxhhryzrC7nAK5YrkB4gLsiHM--KRC2a6ARL0IiyXeoTMN59BUtcQdvTd_3PK4sn6wfLPPSseG6yONdokLvZYI3w&cry=1&dbm_d=AKAmf-DE2K1I1H0Wz5C9vPoKzxeCIBVJPlPBhoyAaTCvOuwO40JTVqXVE1B9NrlZT-r5C_i2A6DDTiIt1vUy0_5wLvebHWwHFEROzRvFX17y5WIVZ6cPiyk6a2Gbha0hqSPz2mr-pEbYsf_z7fRjogstgvtoXJmPNL2VZed2N18-vWAUy3ShR-KSBv7wkJfiXNmyWVwlIOy_0sIIQPLhbavIAatNbyGpVC1lZdigyYS023Eq2D-bWmvHT0BKkopGeCMXohMMTt7vQIqSJeepu83G42WbFDx8D0GtCcHO0jOBgn78Rj9eXaJUM-mN7XkVp-9PzYLVHnRqrJsRFtWQCcXMKeFmJqaABaneukOLFruPT8ofb8E1OS1BZJxvJUuHHaILDryDGe-9GjXKueHhq45J3U6q_aTgLooEFwQNqtTaCZowPT5CFqdhVC0YgI_kWVSjwr0AskEss0IyupjPlyh6yzBtA2E5ll_abQ4lyzf3kXAkAuj4bjjy7nGzMkvBmAFMWlf9skCxTtk0zByb_f9MjREzny410BkrO_0lbkCWNdkh4HoCOn9eqN4vocswjdf2aFZq3PZn-nm432eiPa6owKaub3ROZJcWi_FgCFZWMsVwgNsQnVtYYFIlo0pnVBR_hl7kTkPOAKZfwikNn4r_GipQdB-yr1S8YgCDcpZx74aFXWZ6TrHJ4qaHfzjZ9_cTkmODqZBeiwf_VFCiZqmMAJrhPsMejjBuHXwoF6CXr5R4vVF1NSZjo6WWhJna_-4_Nf6uCiP7ClqzI2y9oBMHiwsS1q6Eu4eQcD55RjglS3U4L9iQiA4Sycahtn1-IpdfKIL8cRYNtQQhPvru_4ZD6qENBgSrVw2nfTPMHt2EggPzgNrkbuPpMSRJZTGsyEuBK83da2qh7U-VuHaa8pkEwnW2zQhC8ZUu-nkFuwasxpmlNU4Xf1hCL2BmK-Khb0Rat5JBeutFAyS4oLKEZN-9Gh1SXbSVQTX--H2osBxzMYB8htj3nuZ1h23kC_s472pJ_wMQUqF0bU8T-yxECbskIYnqh6BUZ7PJX-6jO2LDDieWMysd0Pr1YISt1jiOqQ2SjguVOEgzOBigzoYZvxEzcZD76flvF3AS082WgyXbJ6-P72wGrOrI76it6I-VZRhvhmeil-Z-fo0SjF_QKYrBAhC9K1qcA4FnQknBRGwFp3ZU0Tu6IYVF278pAmK_nsekBLDcSkRKSksOyTG8HNl1CDJeNGcUEcuqkhIUhYFYPOgs27Zmkn16MpfuI_-THSe3fj4B1iSyIyhhs9c5sGxXO2FcPFkUsMZRzGfVkysnSHQAFbEr8RlFz3W7aoE_vQ1WcNQaWVWQuR-vnqzwt0UXd1JCohepcxZbDdjis9E9VcpWTZBKjRO2G8j-HKwwGntUi4btflRUiGiR-AlSLa3frixalItHTS7VTxiN1RGL9CIq-9PvX2OUeUPBZVdY3j-F-0dh52nS204trdgx0OXNth_tRG19tnWzBl5WfG2Oc0zt9to8mLepzdh5JOPDq1V3mwPrO9O4oxweFjQht10G6kQgtE3JnRVf73wSKYMEwpqap-6m-u2pTvo09FZOBgXohGb8EzVh7nVLzb7Fze8iDsLgeq0MsZ5_YbGPvKmWE-RWpbfEBJLRA23oKuxHDBB0wyyO46GFHjzhpnhom2OacGM4RkxT1DJNRzF7Kr6ePlEYeKLU76-WDWXOgvU-2DG-COFiMrYU0K8ucg36B4QuXisIC8qJtlS6z96UCMkSCC4_62krVgbNe0tj-lIVNEW7AfkSNBBH6Y2A67ntT5CHoip8pO1F3fFts4N1MlcAIp4ixP7dkARJMVNHLeq9nlGzjNR4zt_v-IubGxwEHO-wMziVqcTUpq2wo3i-8ASFONxfpZRgF1id2HsUzXVczOxNsXQvOKys-o0qUwhL7mXFDW8AQJQKb3PYbaz1jYxJmPx5YRz_JtcyJlBzmlhCGWtV-LnCoz7P8rJoid2aSXhRbF6kvGEp0_IG1aUE-vMJa73OoCgNYt0H5qQh1R_5xYwT0D6FOrEBosa1-r6zyfjN0AKBKO_E3osV5jmgcrH-7Lasav3Bh8v-aoaZjka5slPaaDTuMVNM23__QWu3v9VvJe_q1ivJmA8YgqxFh6RP3RGZrfjnFq406gEdDInuyjedPMR21y8Ptf15XKqiudlEvYs9icUNXUgLBGgmmPGb7L9Tl_mCPk_ZbYZzsA9XPUnNNW17o2e0JP5kjBRdA_DI4m4RBYkXv2dknFnHo_G_FMd0oy910YzBLbGlnWdlq0Z25L9Du1slGRAtLkejq9CRUBERhWc79jNcQ4zQoJgBo8HoRNcXkpybiY6I91tEfMJu03_DepNmjFFn9D9hRn33S31X2xabDgtd57RvnKysNkKvc89aTKGs7vRPWHyPwoBzauQM9aQPNIw7GELIk_Dlm0kVQbCn9hmR76TbNJeyFhpgJ2zVHKQx4sOUK_7omWuAKCkKOZXASSQvNFkp6TGJJnlBQtDai9GA67xST-HELiF6p9LgUEUvyj13pP9CllLcTpVjaXv9pA1gT2F2hDNwUJZdDmQ6ATxlYKcTT406kp2xdJXNCmX1bKwbmkrTU5uifhK9rHzzuaF6RQbcBzVFojVUZnAEke71xkTOrRyIBcv4qaUIcjJ1WrcnPCwvwIo4sooTTCVjCqAPHlR5M2LHX3-tCrsm24MWEOEic_CNVhub1rAYMH8irKD5oqvjMfnPLBt8lwa54gBGb9_tAlV1bhj2C_Rnro3PERTPObJBS01VY1Dc_YZcsg4NUHfWm3j3Is3gyLGa8gjI6Aj53JSOUkCzN44FiflkYMpNny49JX2xyQrAWmLI3zaTlLWt4PnfNRnRTGBBz3sLx64BoFZ3_quL5OFyzuMwiRTvm9ea6SHwu-tOa6hmvJENloQVD0nN4D54maaZDbDg6mkVziprxzG9hhwuN_VpmCjsSu6gWgWoKudivI1I0bjW_0Ral9IAk5jHqn30x6vj7lbz-9IKt3-VMyFo3Ku2ShkolJNUa0xAdrIOnb9F4aJy5X3HHeeOeaNy5XEszj7bMgbjL4r-s510hP7KOp2STpUssl_oAn4W-DKjizJp6GPpJe_fhtzR1n3xUXetBjswwQip-xtz7MXfxKNv0CrkQEB1gHwlT_yN1uuZbDnLUgFbXWXkkvXjkmYy9H0ItqEMzp8sNnKOR-YjdHoD4DmlylWKEgMi3112Gc1ml8gUoCKdTXbmfRTOSQT99mNRVi8GqprH9Kad2NkngHZZN-LbudAKIdZKtKw1OeWhweF6xVr2CD8SJfAvh8p_LwP4wdo61TKK7GQcwXAWv82q9hVxZZy0RjVIonqgoCzLU4F5t89hBR8tekeU0JeOY569Rh4QN-mTxR7gvJ31phzAR0IBApnKsfnha79iIvinuBfjT7kneVlB7i8_WxYf10DvOKIaDJ6r7Ur-z6R9YpRQuq65hU2a_gI0cNg5nc8EoAO-gVnsDH8g9NrZ8AxDEBX3kyarHMKcY31vjMfpPSNzrnfIaiEX_MmtjLnlRdGHP0Y&cid=CAQSPABpAlJWZH0YjzTLSKfbNrGfkvJFDTFJ7O0liHe3ISI4_ogCZ5sgKq9PLIvg7RY-HXA1byL7D7mEh0j-ChgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=10294665872422564000&adk=2265872549&idt=77&cac=0&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 063E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BekUWxhhryzrC7nAK5YrkB4gLsiHM--KRC2a6ARL0IiyXeoTMN59BUtcQdvTd_3PK4sn6wfLPPSseG6yONdokLvZYI3w&cry=1&dbm_d=AKAmf-DE2K1I1H0Wz5C9vPoKzxeCIBVJPlPBhoyAaTCvOuwO40JTVqXVE1B9NrlZT-r5C_i2A6DDTiIt1vUy0_5wLvebHWwHFEROzRvFX17y5WIVZ6cPiyk6a2Gbha0hqSPz2mr-pEbYsf_z7fRjogstgvtoXJmPNL2VZed2N18-vWAUy3ShR-KSBv7wkJfiXNmyWVwlIOy_0sIIQPLhbavIAatNbyGpVC1lZdigyYS023Eq2D-bWmvHT0BKkopGeCMXohMMTt7vQIqSJeepu83G42WbFDx8D0GtCcHO0jOBgn78Rj9eXaJUM-mN7XkVp-9PzYLVHnRqrJsRFtWQCcXMKeFmJqaABaneukOLFruPT8ofb8E1OS1BZJxvJUuHHaILDryDGe-9GjXKueHhq45J3U6q_aTgLooEFwQNqtTaCZowPT5CFqdhVC0YgI_kWVSjwr0AskEss0IyupjPlyh6yzBtA2E5ll_abQ4lyzf3kXAkAuj4bjjy7nGzMkvBmAFMWlf9skCxTtk0zByb_f9MjREzny410BkrO_0lbkCWNdkh4HoCOn9eqN4vocswjdf2aFZq3PZn-nm432eiPa6owKaub3ROZJcWi_FgCFZWMsVwgNsQnVtYYFIlo0pnVBR_hl7kTkPOAKZfwikNn4r_GipQdB-yr1S8YgCDcpZx74aFXWZ6TrHJ4qaHfzjZ9_cTkmODqZBeiwf_VFCiZqmMAJrhPsMejjBuHXwoF6CXr5R4vVF1NSZjo6WWhJna_-4_Nf6uCiP7ClqzI2y9oBMHiwsS1q6Eu4eQcD55RjglS3U4L9iQiA4Sycahtn1-IpdfKIL8cRYNtQQhPvru_4ZD6qENBgSrVw2nfTPMHt2EggPzgNrkbuPpMSRJZTGsyEuBK83da2qh7U-VuHaa8pkEwnW2zQhC8ZUu-nkFuwasxpmlNU4Xf1hCL2BmK-Khb0Rat5JBeutFAyS4oLKEZN-9Gh1SXbSVQTX--H2osBxzMYB8htj3nuZ1h23kC_s472pJ_wMQUqF0bU8T-yxECbskIYnqh6BUZ7PJX-6jO2LDDieWMysd0Pr1YISt1jiOqQ2SjguVOEgzOBigzoYZvxEzcZD76flvF3AS082WgyXbJ6-P72wGrOrI76it6I-VZRhvhmeil-Z-fo0SjF_QKYrBAhC9K1qcA4FnQknBRGwFp3ZU0Tu6IYVF278pAmK_nsekBLDcSkRKSksOyTG8HNl1CDJeNGcUEcuqkhIUhYFYPOgs27Zmkn16MpfuI_-THSe3fj4B1iSyIyhhs9c5sGxXO2FcPFkUsMZRzGfVkysnSHQAFbEr8RlFz3W7aoE_vQ1WcNQaWVWQuR-vnqzwt0UXd1JCohepcxZbDdjis9E9VcpWTZBKjRO2G8j-HKwwGntUi4btflRUiGiR-AlSLa3frixalItHTS7VTxiN1RGL9CIq-9PvX2OUeUPBZVdY3j-F-0dh52nS204trdgx0OXNth_tRG19tnWzBl5WfG2Oc0zt9to8mLepzdh5JOPDq1V3mwPrO9O4oxweFjQht10G6kQgtE3JnRVf73wSKYMEwpqap-6m-u2pTvo09FZOBgXohGb8EzVh7nVLzb7Fze8iDsLgeq0MsZ5_YbGPvKmWE-RWpbfEBJLRA23oKuxHDBB0wyyO46GFHjzhpnhom2OacGM4RkxT1DJNRzF7Kr6ePlEYeKLU76-WDWXOgvU-2DG-COFiMrYU0K8ucg36B4QuXisIC8qJtlS6z96UCMkSCC4_62krVgbNe0tj-lIVNEW7AfkSNBBH6Y2A67ntT5CHoip8pO1F3fFts4N1MlcAIp4ixP7dkARJMVNHLeq9nlGzjNR4zt_v-IubGxwEHO-wMziVqcTUpq2wo3i-8ASFONxfpZRgF1id2HsUzXVczOxNsXQvOKys-o0qUwhL7mXFDW8AQJQKb3PYbaz1jYxJmPx5YRz_JtcyJlBzmlhCGWtV-LnCoz7P8rJoid2aSXhRbF6kvGEp0_IG1aUE-vMJa73OoCgNYt0H5qQh1R_5xYwT0D6FOrEBosa1-r6zyfjN0AKBKO_E3osV5jmgcrH-7Lasav3Bh8v-aoaZjka5slPaaDTuMVNM23__QWu3v9VvJe_q1ivJmA8YgqxFh6RP3RGZrfjnFq406gEdDInuyjedPMR21y8Ptf15XKqiudlEvYs9icUNXUgLBGgmmPGb7L9Tl_mCPk_ZbYZzsA9XPUnNNW17o2e0JP5kjBRdA_DI4m4RBYkXv2dknFnHo_G_FMd0oy910YzBLbGlnWdlq0Z25L9Du1slGRAtLkejq9CRUBERhWc79jNcQ4zQoJgBo8HoRNcXkpybiY6I91tEfMJu03_DepNmjFFn9D9hRn33S31X2xabDgtd57RvnKysNkKvc89aTKGs7vRPWHyPwoBzauQM9aQPNIw7GELIk_Dlm0kVQbCn9hmR76TbNJeyFhpgJ2zVHKQx4sOUK_7omWuAKCkKOZXASSQvNFkp6TGJJnlBQtDai9GA67xST-HELiF6p9LgUEUvyj13pP9CllLcTpVjaXv9pA1gT2F2hDNwUJZdDmQ6ATxlYKcTT406kp2xdJXNCmX1bKwbmkrTU5uifhK9rHzzuaF6RQbcBzVFojVUZnAEke71xkTOrRyIBcv4qaUIcjJ1WrcnPCwvwIo4sooTTCVjCqAPHlR5M2LHX3-tCrsm24MWEOEic_CNVhub1rAYMH8irKD5oqvjMfnPLBt8lwa54gBGb9_tAlV1bhj2C_Rnro3PERTPObJBS01VY1Dc_YZcsg4NUHfWm3j3Is3gyLGa8gjI6Aj53JSOUkCzN44FiflkYMpNny49JX2xyQrAWmLI3zaTlLWt4PnfNRnRTGBBz3sLx64BoFZ3_quL5OFyzuMwiRTvm9ea6SHwu-tOa6hmvJENloQVD0nN4D54maaZDbDg6mkVziprxzG9hhwuN_VpmCjsSu6gWgWoKudivI1I0bjW_0Ral9IAk5jHqn30x6vj7lbz-9IKt3-VMyFo3Ku2ShkolJNUa0xAdrIOnb9F4aJy5X3HHeeOeaNy5XEszj7bMgbjL4r-s510hP7KOp2STpUssl_oAn4W-DKjizJp6GPpJe_fhtzR1n3xUXetBjswwQip-xtz7MXfxKNv0CrkQEB1gHwlT_yN1uuZbDnLUgFbXWXkkvXjkmYy9H0ItqEMzp8sNnKOR-YjdHoD4DmlylWKEgMi3112Gc1ml8gUoCKdTXbmfRTOSQT99mNRVi8GqprH9Kad2NkngHZZN-LbudAKIdZKtKw1OeWhweF6xVr2CD8SJfAvh8p_LwP4wdo61TKK7GQcwXAWv82q9hVxZZy0RjVIonqgoCzLU4F5t89hBR8tekeU0JeOY569Rh4QN-mTxR7gvJ31phzAR0IBApnKsfnha79iIvinuBfjT7kneVlB7i8_WxYf10DvOKIaDJ6r7Ur-z6R9YpRQuq65hU2a_gI0cNg5nc8EoAO-gVnsDH8g9NrZ8AxDEBX3kyarHMKcY31vjMfpPSNzrnfIaiEX_MmtjLnlRdGHP0Y&cid=CAQSPABpAlJWZH0YjzTLSKfbNrGfkvJFDTFJ7O0liHe3ISI4_ogCZ5sgKq9PLIvg7RY-HXA1byL7D7mEh0j-ChgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=10294665872422564000&adk=2265872549&idt=77&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
480623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 03:41:15 GMT
18285675924154781304
s0.2mdn.net/simgad/ Frame 063E 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/18285675924154781304
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477b76854bf22bf2552616bec7fa4a2241d993539103fe95230cc8c99c28a4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 06:38:11 GMT
x-content-type-options
nosniff
age
38007
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149507
x-xss-protection
0
last-modified
Thu, 22 Jun 2023 05:55:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 06 Sep 2024 06:38:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0A32 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:14:14 GMT
expires
Fri, 06 Sep 2024 12:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C74C 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20faf2c3fdacef1f027bd51616076f5432d090d9fc2e3d7aefdb28dbc8346279
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i2m3Mr7CuT7APD2_snn0kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-i2m3Mr7CuT7APD2_snn0kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:38 GMT
expires
Thu, 07 Sep 2023 17:11:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame E592 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGJDaxfUBMAE&v=APEucNUvq4ve1fkqIy7LoJzd_VKfW0wO11UUvfT0SJkVW6l57s465F4zA7SufUB6eazeuTXPMIaaacFRF87HghR1nSncllNFzjrQ_i3cPSuVH7kvWKmmKHfa3aEvPyHGqp0Kcvu0CPQ5I8IWT3G3tbkAxuOGCmzRjmqcQVYgdSK1xlb91k3eookzzdEjMdpMUSWFDkYlovf9IcMreR8nWTh8bLJAkeGSSg
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AA46 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA46 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWvB2amSwIY9hbER_wlDMPW5Fjk8q5TbNRPMFK_Nr7uQefEkZ21SeCrhyBK1_91BgLTxfhWP560mrvb3_tmJpakl_8CZ-tAKGfEuWTBSHjpYuB2RM
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA46 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4725914183025404504&x=1&ct=119
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame AA46 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame AA46 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
l
www.google.com/ads/measurement/ Frame AA46 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFIEllraaq88dSvVGCsW9S8adU2cK1d4khk6cEuXsmaU-XYUwqyaNPTu6f3_l2Jhk__Xvyo1M21aFvDmYqCRgC2qI41A
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA46 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 09F5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Fri, 08 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame 8CCC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPueIpcdkVc62GFOPQEPMyc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPueIpcdkVc62GFOPQEPMyc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYo4KW8wEwAQ&v=APEucNX8PBnG-lYpOsTNMDqVgIRcRIky771CdMow325yHjYvAsqqy1sr2uW5sp-9evBHgc9f2jz0mkD3iZdI1i53zoVEdpXfALs4tsHLy6d9rezAY6Tqb26AVdMjQcquUAnMs3FOhDIXkqiSO4V9Y2HcbpAkUNcRrWOGxF38soGBARoTfdhN198
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPueIpcdkVc62GFOPQEPMyc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 8CCC 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYo4KW8wEwAQ&v=APEucNX8PBnG-lYpOsTNMDqVgIRcRIky771CdMow325yHjYvAsqqy1sr2uW5sp-9evBHgc9f2jz0mkD3iZdI1i53zoVEdpXfALs4tsHLy6d9rezAY6Tqb26AVdMjQcquUAnMs3FOhDIXkqiSO4V9Y2HcbpAkUNcRrWOGxF38soGBARoTfdhN198
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 8CCC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAyNDSt4aU2tFdhGkQAWaEw&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAyNDSt4aU2tFdhGkQAWaEw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYo4KW8wEwAQ&v=APEucNX8PBnG-lYpOsTNMDqVgIRcRIky771CdMow325yHjYvAsqqy1sr2uW5sp-9evBHgc9f2jz0mkD3iZdI1i53zoVEdpXfALs4tsHLy6d9rezAY6Tqb26AVdMjQcquUAnMs3FOhDIXkqiSO4V9Y2HcbpAkUNcRrWOGxF38soGBARoTfdhN198
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Thu, 07 Sep 2023 17:11:38 GMT
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEAyNDSt4aU2tFdhGkQAWaEw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 8CCC 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYo4KW8wEwAQ&v=APEucNX8PBnG-lYpOsTNMDqVgIRcRIky771CdMow325yHjYvAsqqy1sr2uW5sp-9evBHgc9f2jz0mkD3iZdI1i53zoVEdpXfALs4tsHLy6d9rezAY6Tqb26AVdMjQcquUAnMs3FOhDIXkqiSO4V9Y2HcbpAkUNcRrWOGxF38soGBARoTfdhN198
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Thu, 07 Sep 2023 17:11:38 GMT
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
dt
dt.adsafeprotected.com/ Frame 0406 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fd9b5b4b-6dce-8959-4bfb-431f374fd85b&tv=%7Bc:nynHeU,pingTime:-10,time:607,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1694106698320%7C%7C2ba155a77f021c75e358999184d04619%7C%7Caaf8e1c5fa6f2472e971350e5968c28c%7C%7C3a9dc60d066570f3115e2bb4e4cf09b9%7C%7C09d6283187c67927e495264850d1ca23%7C%7C76444a68c50fa913489eb38de0c03f20%7C%7C6d0a633152da62f4abcb9a6778c02d82%7C%7Caa1cb2c42cebcfcb95201b7c0b4ecb4b%7C%7C1663701684,im:%7BpWait:37%7D%7D
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
1a
i.clean.gg/ Frame B4E7 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 07 Sep 2023 17:11:38 GMT
server
nginx/1.21.6
via
1.1 google
truncated
/ Frame 063E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b9a1a68204c0d283f06866baf7e6e4d491a944acc655edd72eeb821433c42f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69c45de961eb24cf709ea37cb2f6834bcfdefd572735fa8436f6f1f2aa18130a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90907
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Sep 2023 17:11:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C5BB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240102/pubads_impl.js?cb=31077596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 17:11:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 063E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswzU7kBUhlZgDp3fwH0X4bx2l-xnMx1I3GVOshic2yPI10339KTmY7oyJm9udxtTVNtCfqtXifi8izfqaFp9wTX66MSCZDvJUbZ7BUE5gQdcyE8cEMM9KC9F-TZWjhxdPqcDBkR95AESXbUczBO50TWyLVRPiczbYs0pwDG668O_RyfSJYdBBkWk6ZvFEx9pCuGVXi-w34BpWeOuXl0VIHeMM0LvS7TpMRCeM4jyKcSqQJ5utzH064qVtn37fCnI8G_jAsZXE1Bmk5OOqHCcak9vftqwOo2Ri3_NLmdqbyWRn_yL3ke-OF8yDy2HxxVHqnlkqWh9eKPiRC8XUq2ZEcEAL4C5V1qgyVkyInBM_YxWllwr6VljxU-xS817R89z9hJVmbcW6BpGEKEwIwW1MCwVNzD8OacSmnW2fQ4lmYHRYsXbYIcVx46CtWEzOMqvDbkl8pTlvDL4sdjM0XYvHnvHxDIOYY8Otfep8rPl0dh3ZVnyHva9pFGxYWsi1e3w-JTNgdviizHpQ_yQqf4CrYrXFE1K3Ds6E__hC-_AuYhyxWUXhsR8OpN7LTspmKDC1CZpjcuVuFXl5sb2RBai1vFwPghuSO5Px24-RUfGbNSL711YIKkRX42X9fm9u45MiffUsdicLCbDqpzouVj4zUTRbc_C7mRYpQNrlzAnaHH8N__7Yu62_3xdG5psi-GuXfNeLWvCnLlNMA0QjXCGYrBQ-K6SNHd1LETYgNzB2UWz3KdGuZJ59HzG5Wo7h3FjKVeLkg9pyDFzgUrM2oa2UxUFYhARLRoufdqjCRwJ8c4y0ScAaEzx1IsGENAkpSjXpvALZUdbBtTDLlY6N4XDEuI6UidIrs16tbfjXDEaCIg3y-aHvMoOKN3TzgY9Zd7hFL9u8V-p5sR58hu9QPwrQZrdmMnEN4EICcfhnyjhT9gCMVvakGuZdrmw7uDt-i74BVIscdQH5OpomH_PYHHkqfcYAI23oM-STeAijoz_tsoKoo4B42_NrdPbI_iV77GmdykvJ9-0E0CII33380BoTznlmzU8ZucFaKra4i7bcpSBWj_ZVKgSGi6vdFTgxBNrr7K_rWuGB6YfL_P_4Jx_yuRpFQXIEr2LUzrArhVZce_xqQd9BAoDtAx3Xdva0BA_wp9SQy6_JMQsTLbnA8cjlmYdOjgLi9bMn7kFUvKZZWKoLi2n9hE0RJlL3Xyabqfp5RkjKq_TBRo2L4NyWatBaXki0CCEmq-C54ogZD0spSju6OYxx-Ndo7JlAwrNbSkRwI97k&sai=AMfl-YTxtKGc3ODZkL9wOF8FUeTSqlnA9zSw6V5qpdr7fcP883jopkGcmZReZ9TG0AWY3eOb0IBHXcpTE3sW3WrWnPu3Ji3BO8tODt2ukCgUVWVBINoNzFxe5F3sAQIewugpyvVtmQXH6g16PYGLNYvBnAi4gU7s4xSth7ik7fxyilER_aMToCoofTpxRtsRryga3bFQxp80n_WnWBwVDc8nmwXSs5qaLY16FvKI4hIIHLKFeLGlcgKRRu-aniahjhNExfs45gY&sig=Cg0ArKJSzJUhH7pugrT_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=155&vt=11&dtpt=154&dett=2&cstd=0&cisv=r20230906.55963&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BekUWxhhryzrC7nAK5YrkB4gLsiHM--KRC2a6ARL0IiyXeoTMN59BUtcQdvTd_3PK4sn6wfLPPSseG6yONdokLvZYI3w&cry=1&dbm_d=AKAmf-DE2K1I1H0Wz5C9vPoKzxeCIBVJPlPBhoyAaTCvOuwO40JTVqXVE1B9NrlZT-r5C_i2A6DDTiIt1vUy0_5wLvebHWwHFEROzRvFX17y5WIVZ6cPiyk6a2Gbha0hqSPz2mr-pEbYsf_z7fRjogstgvtoXJmPNL2VZed2N18-vWAUy3ShR-KSBv7wkJfiXNmyWVwlIOy_0sIIQPLhbavIAatNbyGpVC1lZdigyYS023Eq2D-bWmvHT0BKkopGeCMXohMMTt7vQIqSJeepu83G42WbFDx8D0GtCcHO0jOBgn78Rj9eXaJUM-mN7XkVp-9PzYLVHnRqrJsRFtWQCcXMKeFmJqaABaneukOLFruPT8ofb8E1OS1BZJxvJUuHHaILDryDGe-9GjXKueHhq45J3U6q_aTgLooEFwQNqtTaCZowPT5CFqdhVC0YgI_kWVSjwr0AskEss0IyupjPlyh6yzBtA2E5ll_abQ4lyzf3kXAkAuj4bjjy7nGzMkvBmAFMWlf9skCxTtk0zByb_f9MjREzny410BkrO_0lbkCWNdkh4HoCOn9eqN4vocswjdf2aFZq3PZn-nm432eiPa6owKaub3ROZJcWi_FgCFZWMsVwgNsQnVtYYFIlo0pnVBR_hl7kTkPOAKZfwikNn4r_GipQdB-yr1S8YgCDcpZx74aFXWZ6TrHJ4qaHfzjZ9_cTkmODqZBeiwf_VFCiZqmMAJrhPsMejjBuHXwoF6CXr5R4vVF1NSZjo6WWhJna_-4_Nf6uCiP7ClqzI2y9oBMHiwsS1q6Eu4eQcD55RjglS3U4L9iQiA4Sycahtn1-IpdfKIL8cRYNtQQhPvru_4ZD6qENBgSrVw2nfTPMHt2EggPzgNrkbuPpMSRJZTGsyEuBK83da2qh7U-VuHaa8pkEwnW2zQhC8ZUu-nkFuwasxpmlNU4Xf1hCL2BmK-Khb0Rat5JBeutFAyS4oLKEZN-9Gh1SXbSVQTX--H2osBxzMYB8htj3nuZ1h23kC_s472pJ_wMQUqF0bU8T-yxECbskIYnqh6BUZ7PJX-6jO2LDDieWMysd0Pr1YISt1jiOqQ2SjguVOEgzOBigzoYZvxEzcZD76flvF3AS082WgyXbJ6-P72wGrOrI76it6I-VZRhvhmeil-Z-fo0SjF_QKYrBAhC9K1qcA4FnQknBRGwFp3ZU0Tu6IYVF278pAmK_nsekBLDcSkRKSksOyTG8HNl1CDJeNGcUEcuqkhIUhYFYPOgs27Zmkn16MpfuI_-THSe3fj4B1iSyIyhhs9c5sGxXO2FcPFkUsMZRzGfVkysnSHQAFbEr8RlFz3W7aoE_vQ1WcNQaWVWQuR-vnqzwt0UXd1JCohepcxZbDdjis9E9VcpWTZBKjRO2G8j-HKwwGntUi4btflRUiGiR-AlSLa3frixalItHTS7VTxiN1RGL9CIq-9PvX2OUeUPBZVdY3j-F-0dh52nS204trdgx0OXNth_tRG19tnWzBl5WfG2Oc0zt9to8mLepzdh5JOPDq1V3mwPrO9O4oxweFjQht10G6kQgtE3JnRVf73wSKYMEwpqap-6m-u2pTvo09FZOBgXohGb8EzVh7nVLzb7Fze8iDsLgeq0MsZ5_YbGPvKmWE-RWpbfEBJLRA23oKuxHDBB0wyyO46GFHjzhpnhom2OacGM4RkxT1DJNRzF7Kr6ePlEYeKLU76-WDWXOgvU-2DG-COFiMrYU0K8ucg36B4QuXisIC8qJtlS6z96UCMkSCC4_62krVgbNe0tj-lIVNEW7AfkSNBBH6Y2A67ntT5CHoip8pO1F3fFts4N1MlcAIp4ixP7dkARJMVNHLeq9nlGzjNR4zt_v-IubGxwEHO-wMziVqcTUpq2wo3i-8ASFONxfpZRgF1id2HsUzXVczOxNsXQvOKys-o0qUwhL7mXFDW8AQJQKb3PYbaz1jYxJmPx5YRz_JtcyJlBzmlhCGWtV-LnCoz7P8rJoid2aSXhRbF6kvGEp0_IG1aUE-vMJa73OoCgNYt0H5qQh1R_5xYwT0D6FOrEBosa1-r6zyfjN0AKBKO_E3osV5jmgcrH-7Lasav3Bh8v-aoaZjka5slPaaDTuMVNM23__QWu3v9VvJe_q1ivJmA8YgqxFh6RP3RGZrfjnFq406gEdDInuyjedPMR21y8Ptf15XKqiudlEvYs9icUNXUgLBGgmmPGb7L9Tl_mCPk_ZbYZzsA9XPUnNNW17o2e0JP5kjBRdA_DI4m4RBYkXv2dknFnHo_G_FMd0oy910YzBLbGlnWdlq0Z25L9Du1slGRAtLkejq9CRUBERhWc79jNcQ4zQoJgBo8HoRNcXkpybiY6I91tEfMJu03_DepNmjFFn9D9hRn33S31X2xabDgtd57RvnKysNkKvc89aTKGs7vRPWHyPwoBzauQM9aQPNIw7GELIk_Dlm0kVQbCn9hmR76TbNJeyFhpgJ2zVHKQx4sOUK_7omWuAKCkKOZXASSQvNFkp6TGJJnlBQtDai9GA67xST-HELiF6p9LgUEUvyj13pP9CllLcTpVjaXv9pA1gT2F2hDNwUJZdDmQ6ATxlYKcTT406kp2xdJXNCmX1bKwbmkrTU5uifhK9rHzzuaF6RQbcBzVFojVUZnAEke71xkTOrRyIBcv4qaUIcjJ1WrcnPCwvwIo4sooTTCVjCqAPHlR5M2LHX3-tCrsm24MWEOEic_CNVhub1rAYMH8irKD5oqvjMfnPLBt8lwa54gBGb9_tAlV1bhj2C_Rnro3PERTPObJBS01VY1Dc_YZcsg4NUHfWm3j3Is3gyLGa8gjI6Aj53JSOUkCzN44FiflkYMpNny49JX2xyQrAWmLI3zaTlLWt4PnfNRnRTGBBz3sLx64BoFZ3_quL5OFyzuMwiRTvm9ea6SHwu-tOa6hmvJENloQVD0nN4D54maaZDbDg6mkVziprxzG9hhwuN_VpmCjsSu6gWgWoKudivI1I0bjW_0Ral9IAk5jHqn30x6vj7lbz-9IKt3-VMyFo3Ku2ShkolJNUa0xAdrIOnb9F4aJy5X3HHeeOeaNy5XEszj7bMgbjL4r-s510hP7KOp2STpUssl_oAn4W-DKjizJp6GPpJe_fhtzR1n3xUXetBjswwQip-xtz7MXfxKNv0CrkQEB1gHwlT_yN1uuZbDnLUgFbXWXkkvXjkmYy9H0ItqEMzp8sNnKOR-YjdHoD4DmlylWKEgMi3112Gc1ml8gUoCKdTXbmfRTOSQT99mNRVi8GqprH9Kad2NkngHZZN-LbudAKIdZKtKw1OeWhweF6xVr2CD8SJfAvh8p_LwP4wdo61TKK7GQcwXAWv82q9hVxZZy0RjVIonqgoCzLU4F5t89hBR8tekeU0JeOY569Rh4QN-mTxR7gvJ31phzAR0IBApnKsfnha79iIvinuBfjT7kneVlB7i8_WxYf10DvOKIaDJ6r7Ur-z6R9YpRQuq65hU2a_gI0cNg5nc8EoAO-gVnsDH8g9NrZ8AxDEBX3kyarHMKcY31vjMfpPSNzrnfIaiEX_MmtjLnlRdGHP0Y&cid=CAQSPABpAlJWZH0YjzTLSKfbNrGfkvJFDTFJ7O0liHe3ISI4_ogCZ5sgKq9PLIvg7RY-HXA1byL7D7mEh0j-ChgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=10294665872422564000&adk=2265872549&idt=77&cac=0&dtd=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Sep 2023 17:11:38 GMT
partner
sync.search.spotxchange.com/ Frame E592
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN77VSpQgU6MlhaE66k95y4&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame E592 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame E592 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGJDaxfUBMAE&v=APEucNUvq4ve1fkqIy7LoJzd_VKfW0wO11UUvfT0SJkVW6l57s465F4zA7SufUB6eazeuTXPMIaaacFRF87HghR1nSncllNFzjrQ_i3cPSuVH7kvWKmmKHfa3aEvPyHGqp0Kcvu0CPQ5I8IWT3G3tbkAxuOGCmzRjmqcQVYgdSK1xlb91k3eookzzdEjMdpMUSWFDkYlovf9IcMreR8nWTh8bLJAkeGSSg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
track.adform.net/adfscript/ Frame B4E7 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=67239502;rtbwp=ZPoESQAAAAA19kpNc_cfm-SJ_jc6VWnJTd9OMw;rtbdata=xBfg_STlYgJhKvCouDY6wWMSrAGDkUclh5KFgSjFbN3WcrgwG6P2zTBuS21ffYgDqOTVC03hI_qZZH8nIeIWSPVW82MN7Zs6o5nGqfv2HrVI1fPuTs7DOGro13GqTpuXaTDbwrDTJ7nDM8p81EzY4L0YwHBrJXRBHEyJKBdPm2VdJLbu-J0XsRfnwn8PXSowxHU2WZclDNKQcrRkc6idGpukrpgOrEY1Mxdgt8C1-QE2kI5-7Q1yNlKOWOb-d961LT9NwOdtiFXAh9dL5n6_CR4W-16Be36rBZLwYsja3OLII3PM3OkJpTZ70UK--H0IX6CoDkvzFHymYorq8wYIOtN5avUY3xrh0
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a8f3822fa5fc1eb151d81f75450a122be1544018e50d031ed5fe03a0ae497cbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
928
expires
-1
17923302-ea49-4f72-939d-2d6268ae1b97
a1114.casalemedia.com/impression/v2/693656/111/cjt08i5aab7ta58qus10/ Frame B4E7 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1114.casalemedia.com/impression/v2/693656/111/cjt08i5aab7ta58qus10/17923302-ea49-4f72-939d-2d6268ae1b97?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1694107297&profileIDs=&creativeID=28d86a5&pubID=189372&format=banner&channel=site
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.45 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:38 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 287E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5341324531795&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 287E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5341324531795&version=m202307240101&ct=76&x=1&cor=16276339330048705000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 287E 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BI3uY2KSrQJDq8Dvf9ZbveiOzRaLfUfk2WXG2spGfBhx6D663SSSxDrvS1-LXwKGBpr4JQNqeffhGT5C2KLHMOeIYw8KtVNmzyTmA_a2aCnMitJpXt7PXAAogMYWnv4fnJIhQmxRw5K8awkEh7gSxxp9HpXtWSOB0s4K70FNNTgvtUd6Y&dbm_d=AKAmf-A0H81ZneAsxQSHdO-QR3hW6ajMe_-keB7uJwLMFM6_wrSa-MgTzWwIMXnVMPG3VkcoC-9QQ9uMc26Ftz6CDoO5_foDYAwGcA6Vt7C_gic1gBSjEsDXfJCrqHsDYiaRggqJmwwX6YNC3dKG2GR_6CsVgNSAWJjoRYDQuCcjKra2verwdQ42-xXAv4pdo1evg1GCS8yKL-hj8aWDjs2q4L-Vu8XdXqwFjNb5ZrmNeDA1-wRXmCBnzoqddM79Q3pXNgJK-86vWFpOzmTtGk_CiTpGQl9d6AYZZlYJlWIby2u0ALP5N9qzhmRf7Zet-liJR_V2tYXoAsF-dCKDFR4bcZS2E8AlsIBouIVujuwGK-x7o0zcCzjcuhoAhOh5ww-YCM-aJeAfxW46rulD5ln_kxa-gTXGbpy1o_NY1eRJ8zkd5ZPeBC1zc7q91riq9H9k_BZf13SE6FtAmd-_H3faTt21bG9IJjGbFYapDa9C9JVCxzUjuU9rXdNDf1L3Hao3Z0f_FiVnmK5ka9UQ7ebLdSP8P1AWm7ZG5IZ9SzTtHZGrhi4fzcTmZng8JUbX33Ta-0opF4EGuO5rKxtBzuk5JzMwaq3bPk2VsbtdYEpcAMGc00z2APQ5zgEk336MFbGg58d0Xo7fiXRA9Yl8POep2yBGIIUUOUlAeFrBw49rsPsNZAO1XGH_kkA6v1_y3K3l0ZvBZCdDX9rEDepI2uCb_4jZzV6srf6XbOUS9V-fvk74phzfybZmYzay95evgsUrgUvyK3rc8-5HZ6famUQ84Isg_o9PNnHfJNHUJeKAVYOsJxYx2gWThlstBOaoeK7cSgkw-NXYofdxcsW-EipYgHycAXIJFsCbpgzvmu_Qm7EPQ07XmQnYxVotZCZ5lLhWQPoQCdfcxCHzCghHaeTcMSHFC57HW_fC54Ng6fJgtaZt9YnOXwLL0Bd6rxwaMNJSwW7E6wZqxKTAeN0l09tI4kG-4-AidCscg0EOYvwNNTaE-5E4EA5L6N95sXYZY2j9mbOvYk1hgCFbJJpY9itcuDrfpc4gE2uuw4BJWGknI_u27UcdyqS4rxfkGw7wyJvGb_qZDAMVkKnHxyoVt9z_Rwks1rZIryvxEU-m0_LEqAQ29HW2cqCefoa11bZqw_h3O_ExsufGOXzspRVQXXyNnsQWzDfKy9VoLtIL4wHc7ELMyNBq6B5piya3zde8xM53ucAHb0NoC9tDbjL3xelV6EJd5p1qTuaRJFOfkD_P1j81P28RvMQGkMgHWrxF9zsOixitJxBeA-ZRBxSkLvjOJvvVvcbFKhGAaSclXVpPezHAPFRQLD8YOuAoy9wXnI-hHvumR-yEcC1F3ZJXhbhTNYm4__O7gv-1TDJdTjSZcEH2FSlNEJ-mVKrC6-DWc220VvrnTMXFIhb36jC17SvfPgcazTgApzcmQdi-IvhBY4eRhJmt5OE5n0NsR7cBQlk1aO9rt6UcbRzHlftVkjM_DljBBUjkGzVfSU4B3nuWiWHxcbe5c0LrGYMOsCDCJj7J9MJbZ00qZXPR94WXYzKJf2_92wPB1Hec6couYL0yqYZIKltOfJg2tqM2_jUaeHxLqOmkZ2fn-7VAS2QOWyIViqNQfSb03L17MWJ8F7QL2pddtyUDG4y4-Mu0nGu-arjS-7XLK64Swjfyw8lfshsnhI8Y9DiORYO0MHDVIG4FUE8Z6N0IuzYOJTZrd0wtxz1zqfZ71vSt21-Z8xTrXxZD3SvzldW2v62qurBNJ7tOG9kExADbtu8iUAarMDBs7tlhOIl_OfX_VROvsyMQe92jR7cDuZFabeWAibsa4-5tCktIeATVC9Lk-VDwNIdeOOVP_rfRL1SjE-DMl-awzosRSuyrZmhF4-3xtAp9NWayhpbhGSXPAnA0pviwPsiCwpVWxsr3Bl_euBkUtvw29vLonbQQoLvhP8j-H89PZhpYFt74DBQZFeNn31cXslwKcHPwdUv49zHbrovaAL5LGs-b_6YpxDGjK96zNWWy-HrxNjlWSpvBAZgKC2XFxAyqzvRBWyRvcXOOFotm5eS9pFj_K4uTj1XEQrGTzbS6KZaazjt1ebYkoWYbhQOVoyCS0vTqj2aN780C75IKaJ9jZbGwtVtee5INIuFO5_p2FpChzFQr7SIKhquQ43MrxIu7MMY7SkgnTm6zkHsSubLXRy3wE5jSHTQgueZlzN3MeRp8RbAneU8ggOKTWiBgW2eJPp0V5x-turz9M-ZQ5ZRNiIHEEhuAmM5dvtjTHCVp5cmwjlL9eXZIleY7J5eUv4_39wBqkC6pIycTYUngMS9n57G5i2vrRK7ZHGTkCtgX9ipFpQlBItmeTh6PP9Mfn-nKif3DOyYsWQ76KFb9_JcyY3wU1HkbgrZBmy8-1oLxN5ZynxJJtOUK5fcT4GrfyybMyb-V79cozvKa2rfE-SEmh0z34Gjc5Sw_nNVzQLzeO4Sn4cwOm3jqyRvgMjbQ-JW5huSwaSASTahaGs8ABhtq5hOwiJcmMNpqUcO5AiYE_qmgOy0j1kf38By2PwF2xHbYcR973pkNW1Uqg_KsXJndU0FQcHnjONsJltDZ0epr_rmRwyQP4ZWAMhhZPXeT368fqLQAI5mahf1PBJU_sDaR1iAqMprfDL4wVXFkt-7qwDCASbLRLhj2Gc4wVd4-GoREWtFgjp-QUiA7o-Ox20gRuoum2zEQOS0KHzg0uc29zqzcG4L67N_rAIm1DXGuRYh8e9n-WkVzKXg1OIICUFWpHX6DwlW1aUidTur5sRAnrY2bXzYzoOa17tfVk0p4s_iSuQ8RCKIcqDKJpNYxKd3AfshYE0UvTtCI454AlNo21NHJmF0h3EqQERoCoK6ijLCWd5OM-50ZKN-bF2VXXQbQAaJdVkgkhsS4oWcIzIlUoJkheqkg-ZOFPKQtxPuFpLyLB0GUmA-5Ohzq2b7wIO4ZaX4Bo6ZzUlWxr0wXWGKEOhvxODBrYRE94gANk5aZroeNhm-wMv2i3xCdPekX_8QcAZlclgwsxgBnN2WfzgqAJ-WdOK-W1J_GeWjYQTmW45dRkvbhvZ3Qv5ZiUJR0ajEoxrvFn-lAexcT8lC8UyvIL9QwVBQ7B6Y-8lRI-JI2_Q_GZrR7m-D6MPoj4c6CSFOJCt9XRyGKF5y9tqVaStiAaU-I4WNC5wltY7w_YPIoxVgs_vd7GzJpkhuI9LGTfFy5HstZnDTZlRmRci3eSfNjdPGAbH7EOmIRU5SdUkedSYO-_70sA0-9aGug4dC-Zgj36J8udMKFrJiWi1jvyN857zjzRZz1sz8BCRFyFJtpVqo7llPHVhZjJuE7fsPKE3vNksBfw-sak46n2lEmm_n1JbvPXOr0uPS4G1Uby9-_16eJ2QkH_FC1h_5ug_bUz6zDYPpTSHQTvWJZRehL91st56BSlJcrjwz23Ln7MB3ptz9a7_RV3Wy0OuwttwCZWmeePrxcNC60emiAyakFvmAtcWynOuV9Nsy4irM1VTODMcsO5K1UybdP2YIHvZbg_bZDseXxD_k4RcGKruPFkZnScvvtjmIRyjkr_GguBKxXJY3ywCNGAyLtzL-GlcE6DYZOpAFMWfTUveis08ju1CpxjNNvddEeW5UaY5q7h9q7hC1SdiAiZ9ny0euqltUKgdQLYN4sa7sMviVMNovl5PZEtEviPXfDnElrHhYWFd0EW2imBzpDl0Cf0kE-Xw_RULvPbyG333bOduYtGE8iGMKWxOImcwt87sRBbzQ&cid=CAQSKQBpAlJWDy22xRtbXACHgjwGnzWKl55j9yThCq_p8gzqoCRk7Z2OO2XZGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=16276339330048705000&adk=2215386029&idt=117&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdcf44413b3a8dfc11f8e144ef724859deb02d20dc706e16060ab0ffcf6ab380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40371
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA46 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8164968498124&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA46 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8164968498124&version=m202307240101&ct=119&x=1&cor=4725914183025405000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AA46 		88 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AX8HVNCptU68C4IWlBUvEbwdfEhLYJeqYOJ9HEe3Xy2ZAO1CZZ8xqxndKdaP1lhqqrS6q4uSpJC0rf8GbFftQvGeqGEtdmeQuJ8p53VnwxkJUZc_L3qBhTL1wyEwEJmMVH-bd2T-YT6gM9QaTr2y8g0tFoj7qpoK01dJAUUq4-tmRp_uk&cry=1&dbm_d=AKAmf-DaHZxazEAYDzYJqSNvZKH3w7gKYeDdrvm2MdG9g-04FlJCHPUlC7qR4NZnp2rJYijEfqqjUn2Az4sM2MW9kY9hcWoYhqnYBb2Ld4MtRPNUB3KFSrM0tv7e18rmkEEbBQ9AQ2M62EDaankNzPYwOW42RnWkw4hhhZkboDBQDAaKgJ4myqLIRVNqpSMr5YkCi_VFDHi2Eo9XcTuvjfOL-m6mlgGkLm_hLzaIvEHa2UHdqs43lqZ7_ihW_8coJXSRm3Ov0dAdqZzsXoq0ulZSLbl1REK-BAbn7wX3Lv0loAccwMfQ51lRxnpna7Am3hndNquup2kd73MLWI2PAN_lTfmOZB3Xw6SkSbgZxsVwQAcKt1wTLmqhH6_rGSthYhnguSJQPKosd7ZQ2ssvPjk28G0F1hZRSyL0qo_qtItfzfCZPr3qjpI_p9mUcR4QZjjjmsBZvZp9uHkdBqjmqMl8EJRoteSSs0dZUvYyEtjpbRPdmrsvkUw5cqjhrc1YVhpXPsyoPoRPpzMStf88hEIZUFS8R3_547JBPjaupz2FjE5fi8L7aREWYs1iWZCpE6cG97hEcjaz8yWjQ6eQXftxKEVo-TgpskGxBRXL8Yz4YOylgdL_7UWvXr4SHZNQhAtMsP9p-DdReMPxlW6T5iJtEhHUw-Cb8TnQYRTa2bcX-oL94CjZooivexn_BoQBe_GFJMtLmBgsYdJzsCDxzcqCEFMvxsQSktV90RQMsATpW3BCKnTZ4auzGPNWtAjJnay9UYFDuL0PDyDIyKCsDMZodO4iRzTlrcxTde-0Rbr-3M_shdgkDpZbixAWlP5N3yBW7grAacglRCcD1H11TTaNYAQaax6HVWBlhTG21Vk8YuWqLH2sn-94tV-P-Ff6TN622jnSFx2YhakxZuzaB90I8ksxLZKwWWSJrcE-enfVnz5_2LY4m807JYHdTUs_3tsHEsJE92r5oFVwR9NA6QacygpcLSbOz0vDWbhXKFNctJ4M1WQ8Uz2k7ttsEIzLQt27QWvZO6GLTkA1ed6FMveJu06pSoAOBVo-naSr_7u-S_EyoR90bvaTzNTPo_1EkGkRwAWM1qoli4E7_dQ_LSSHisDQ4JYf7jlg5Vh3bpS-KRnSq0LOFCUE_kGaf1_2-p0lFFNllQbwJ0Tat070kCq7qyoOnj3AnbOKj6aXXOv7rYTCU3sjfRY9a6NoaSVt6aERNkAhg2Y7CK-5XM7BdZlj2cuuQgsotWkOHBpX98tIm2_lb42vroAE9-PKscB1xyY6XFF0no9o9BxCCY-OnNSw8JPtAnY_XclJjIxIeURCIhPU5NagOpC6y7T3PHLBnpCzXc_0dgnukhqC3gPz84eykP0biJ5qQ-K-zZWD7C1AsKEwE8Ndp5gDdkm6MdFTzqc0XldvT8RwYjIQgfoNDjAR77r_Igo_yHbOJSbnT7IBDq_n-qnIak_mLxgkol7g5ICbDtq7o8QFJn6zB2wO_G1bnUsMJWJIJhUq8M9JJvEtFuKQ97qtbHzxpQ0bjt0lQD7HCO1Y06XwBGshL5uXoD_I11BBjqhddC4plbdGuReGLPvg9XC3iTyQGIrXrY_7OMreB8WH68jeAIc-0o-0YhNxXsCgiWKrwvChhcPnmgscOCJqVCCgUpYiWkyirBkJzfWgNaea6Y8UH8VGnlV6feaRZeXWKbit0s021S11ZVlLqNaEWJE4qkx61huMcVzI-PuUmApK1CANXdE29AjFbLosJuD9P94_7FLqarY9y3olOyJbF7JjfGAUjbX-FMX5OAEkJ1difEhbcKjvNxxzTFL8FzzMeLE6wRsZP-ctpvZNRrtttYvBLIAf9xdtRGZdFp8HzAY3so9y_0_wRWg9O2GEAcv05LZWZH3CPkhgVofugLjyn1PfGJfOi-Xemg52jnU21PS70dizUxzPLnm3Ev5MRXDhsQfNUO93S7X7_lZyVPZlldVhC9jP09t1iEM46-ZqhHzL3cQJ7n4s2Vkrtao7__4lIPMiaLNZvjwoK1IHUlaXLWXD4xqyvILLOZ_Rvzk5et7hcwVAnFAhxOcR9Tw_m50CFJ75ZZMoUh0DiogH2_TM9Q8ALvAWGDM2a9Vg6i13nDAq7ZiFG3_vGBY5Wpjs3BVKzTE602Gu9wHBCqjbDxHt_1QjhDjG1kuo-Pga8q1JiD6JqA73lSw2_H2vvd2lRTbbap6Qgm9BtoirAXaiNKJEK4a0fGNJ5svDN-mlg1clQWC5-x8hlBDgpvxKlBPKv7HbFHm4r0aKphbeKaa6A88cOz01b1nbWrZ82aEE_uw0g08yIdFnM8bfldf70vuOyS2U49BGFHFW1odeabbRebxrKS-e7R1_XSMs27mZOMmKQvoaHvMLgdJS-tj6JgQOxRIV8IxdZ9mrYJhuhs_SS6UYIdyZP1lRH0npUTqgN5PdxHD6QujVj8rpbYkzsk7kLjl5W1wsIKgcfV6W8nra7UvsKacBWFj6pcLyMhr8r2XFI-tf0kEEwW1KKFTsVgRsZvxGOX66X6CCD71ynCGRJ3O6RDKBxtYY7c5MUj4nILB7i8P3j9iAt9AjqNb1-oZJF2ixFQqDLRDhFMU97kas_CBk8-2woJ8BaxAc-3xsi-W77zTz_nXNvTZGgNsUPap7-HmWhr2aj5xaEXasUJvnnyi5fMHxpMtNeUEDIyk8TCqI_Gjfuf6kGnf9p0u_WraJ1YfiNpDZKIYUUhS6r8mRby-X1b5pbOjcuGdaKuBqnqJa4j5WLgYHtearw3JFjZkX3m_nc1FtGkroqiPWz9p9AnwXg7ilRHMdIA6Nt0kzhQwrpwwkM62MNWWg_sPc_cc-7Dx3BgZt3x5sdwizpWqVN5EI4mYHtMhON5erpbJSbmB_JTA9g5M7qhvcMxw6N_2JjmU24oNaVl3SbW2b5R-4hKYPUcpHVXivh1hy-1vmqrNhMnNuFSKGnKTJ3AgBJhGNSqprfGuIhy_zH9Oh3k4lAKUPTDy3r7XIUqB3VImciZWDA0G3ScTsu7BWiJR4_YW_LJQXq4dSgE6W6VmCFU_3g-oiL6QY8yOvurpSL2X1eYcgEa3QsRWbzOBBOCWXD2FtwSI-n-ZT9e7fcjzdWqx9pgSspaOTjpo2qLXD7rSdCGa8z1xZqDXaeNBHJT7vUHUA6BkqvtnWC53wsWkUNHSOBHyBQT1MUKr37h7oRtFBi92gFFjkjTDjiEntPtWrJZgltb0c7t3PcoAa91i8K084zIwj5k6biHzWvPGKH0D4gvzjKyeP_RrraLWXG7Uf1MDm51vWds6U-hMJXkOFCch4_Zy9f-ita3hWfRS3er8UId9l10_K7IEpbUEnkEVRAjkVd0NwIlYRDir4FcuP_2uDhaMme5L2PA2Zukcp7DhPbOuapmch6QSixk4R_BhjSn8qVxpGimQhzp1u4zouuN33AmRMUyZ1GVunGubOFuZZ9tUMS9FLMc7ICgVsyzGsiigdk_uZ1ejhnab1IKQlsgDDHSE7qT4SEdwKnu-3SOXMzUpaFQN9PfqIFVjOX9rmIIh-ugIhTuf6jTC2TfgMU-lhPfwqzyGakTPrvZ_fswLNfsrg57jawz3U8kROQHKIDVhrWf5VM0XB66FZNXAOL723Ayv9f8onrNSKUsXF_0kl5-TovDDmMP58o9bP_SyAWm48Zx1qdEPvPDhg7DkkwYNKaIIlvQ3fK0IXzziHUarXcMAmjGTpiSqfu8JjZ3P9Gn_CEoi2yx0UVRxgy4tFlT91vSegPraTKv0YXlnM6tt8PDX6GBh_hrZ6ohHHcO7DcPoiAsrT1QwfHkLTFBBPqVS03JCBvR-AMfzlOWDYXF_xldA0rTpWjhQzGNK6pTg90s_m1gvT3KR7wKcfaP650UAZdW0sHtXaw9_48MYuK2XC3fMbPp8EJUHGT31ObClNuuTVHaLU8rcAFbsuR9qTw_8Mant3jJcMG1YW4AyKdMv4I_ki2OhvPfxaSbTz2wMYV8zxAWOM394hhoom3LfOqYqfgJSL33CmwVVoykSIqzgIrmy-LEzD-fcl2ioqoKD83rMxkeSShZ6S6NiWOOReIOYiG9qMBsXthHphPvZ0ckm1kTuNqnLGwPU_WUsMFb_Vs13MVy_wUnlyK11bgy1PfEtmw_i5bwEWrISpZ08ZETnP0uB5_aAt5DqWC9zbu8yd1Kc98_sSXyrIwabEG1AeHrmubmsHKcz9X-HmbQ4V-TUbMeKeIMAP-E4t&cid=CAQSPABpAlJW5nYksCHU_PLYtRqd3rb9O9hbxRvfaRVpl4_uQsoIHV2sE7WyDss_9fn14nJxu91B8o0B-sQAqRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=4725914183025405000&adk=496764934&idt=90&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea668e29aa412a57ade2fecdf59476037535e8c614b457e3658078d87cae7682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37892
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EC3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZoKgSQT6ZJK7GKi5x_APweSLqAUAAAAAOAHgBAI&bg=!4uGl4a7NAAa6D61Rmg87ADQBe5WfOHJ8cGN4SlosnotX3cJTYqLpCFvjjPc_ig0_xzncSYCT9B5L9GK5r5AXDT9VpBVtAgAAAZZSAAAACGgBB5kDSGPWa4ayuy-hjWqxgxlwAmj2QQByF3NkdwzAIpibzki9hoSLaZTzhIQ-TzFWpiNedXA40o2rWLlzL8lthXk9lnj_tcKSAiRgPxj0fApNen2Mgd-BaWYvOpMQnh-L1Pt0UKNTM4Hw-Eod_lRyYu3YcSdB3Ipcr3g6b2sTrwKRSAHIOdKApyAPZbitVM50stiO1uIyypdK8WY-tfAIuYoOw2TVrx1_PzX4LUyzbInaOW3IiuTdOieIAoAA5Isdo54WWAj_hbWzk8UKy8t6teMqZ2gQovzMclrhCHfjagNnPcdMMYpnB5_jBwPqAt1MwZRdzw6x3B82sUiFTADsiasYuzGwk23XgKKPg3YreiSTI7faZpzuWDqfEWHyoJCxecSOkgnzkHBS2lp_CGMDmzUtpxn1mDWxq30C3BhDV4I6yO6Gd-cN51Ife4gZfVr8Yy1pMdL21AKHtlvCFPrEs3H-rZb9JClnDYQpO86rVvK0yudF6ZZ-38r_WM5vXcrBgqBWZCyQBCdGsMzHyx8afJLdZwvcY9MtbqnM2tP2Pj-lHf9COtgbZ-zSoEi6eKpWJ3rrxxrnufmzxY8SvwW_j65ZogvQDDGJBDubESG8vfNWeMog96KHTP-KetHvwkADAtRcCkmiL8v_nFeYJAkdMARbNE5fytsccMS8RdceIhn23eRq1tRxPT_BXNP74qOH28X_TN4rRIWjLrSX832K4iAjmnfxHyuUY1WtSxcUYON0Ckv2WTSRP9B5xLkTz0gH9xw-GfhfDwRcqFbbviHL3MrX-pf7GUwjcFpn6pL4LU7q5Oie__vsCNe1YQPtzsBGF05FFwaecWrgYzdHvRDKaddet4spyupJn5bop6Ij6o8aHo7eGss0h7qqEgVWFGwoADQNTc7f13BIeHRBoNKE8GRQ92dcdAMkQ_UzDDHyFfw7650R-oRD5bY9kJU5CVjIBxGBJRro712ee8pP84FjNnulIpQxVc5N6NdZMrkhabuxOsx4tr4RTDveVIDJ1nc_rfvdCfbgHPXhiFCZh-SxiOEjh1DdTdhNvRpHYk2cRKIdD3fXg4V1Bv85KfRzuV879GMVxcF4AKC-0CKH00ZHNw-kt3ZjR6PzSQLsrA
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame D43E 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
10997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:08:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame D43E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
10997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:08:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame D43E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame D43E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
l
www.google.com/ads/measurement/ Frame D43E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQD4CiqeYugaqaG_ave4mYOWhnmjOx8wdHARY-JqyB3AqDrv5XpP6zq8vfAL0Bg7Uoc1uPQQwbfN1iRLjvCECC_ySKYzg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D43E 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:38 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame D43E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 01:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 22:08:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 01:09:15 GMT
i.match
s.tribalfusion.com/z/ Frame 09F5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEieI_aVIquc7i50B1febPE&google_cver=1&google_push=AXcoOmR8vjkIqeEv9U2pHzGHbuzccndC37gYXQ9icIV_asg5RqMpFgPO-wYjbogvFLb8qcgy-eEqwUpQTfvoTSf8YA9eXneFBfs&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEieI_aVIquc7i50B1febPE&google_cver=1&google_push=AXcoOmR8vjkIqeEv9U2pHzGHbuzccndC37gYXQ9icIV_asg5RqMpFgPO-wYjbogvFLb8qcgy-eEqwUpQTfvoTSf8YA9eXneFBfs...
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEieI_aVIquc7i50B1febPE&google_cver=1&google_push=AXcoOmR8vjkIqeEv9U2pHzGHbuzccndC37gYXQ9icIV_asg5RqMpFgPO-wYjbogvFLb8qcgy-eEqwUpQTfvoTSf8YA9eXneFBfs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR8vjkIqeEv9U2pHzGHbuzccndC37gYXQ9icIV_asg5RqMpFgPO-wYjbogvFLb8qcgy-eEqwUpQTfvoTSf8YA9eXneFBfs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
803092737c683631-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
14
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEieI_aVIquc7i50B1febPE&google_cver=1&google_push=AXcoOmR8vjkIqeEv9U2pHzGHbuzccndC37gYXQ9icIV_asg5RqMpFgPO-wYjbogvFLb8qcgy-eEqwUpQTfvoTSf8YA9eXneFBfs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR8vjkIqeEv9U2pHzGHbuzccndC37gYXQ9icIV_asg5RqMpFgPO-wYjbogvFLb8qcgy-eEqwUpQTfvoTSf8YA9eXneFBfs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
80309271a9eb3631-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 09F5 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP60PONKRH4EU3zb9_Tz0U8&google_cver=1&google_push=AXcoOmScZIgUjA9uYddfx-z4NTYMjnvcQeGuzumGcKRQXOUXm7NYtvPtXCY8VLymDiNi_QhuX8Jx-zMxHAb_-ghehoGkcVaLEfI
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.107.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-107-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
dds
rtb.openx.net/sync/ Frame 09F5 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIcYUogx3FHql1E2MTs1bII&google_cver=1&google_push=AXcoOmSpT3RffuKBiDm1rPR7G0qNRiGlrH6U2cF4Qs2Q-CVAPaZgu73-7iLDoGmwFdQtXtd5Gwb1vPlXF0n0WWpllmVXspU4_AQ
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 09F5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFIfpkQRzlAIwx8sw3Y13YY&google_cver=1&google_push=AXcoOmT34B9oDCB9yhfOKxe11obVODRKiUYOJ55yNsGqIIF9vuG0jYO6b3MZNPf9EbhWLf8MKMh...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=AXcoOmT34B9oDCB9yhfOKxe11obVODRKiUYOJ55yNsGqIIF9vuG0jYO6b3MZNPf9EbhWLf8MKMhvgwfKcd6jXGViTiBZ1Zt_4F4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=AXcoOmT34B9oDCB9yhfOKxe11obVODRKiUYOJ55yNsGqIIF9vuG0jYO6b3MZNPf9EbhWLf8MKMhvgwfKcd6jXGViTiBZ1Zt_4F4
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=AXcoOmT34B9oDCB9yhfOKxe11obVODRKiUYOJ55yNsGqIIF9vuG0jYO6b3MZNPf9EbhWLf8MKMhvgwfKcd6jXGViTiBZ1Zt_4F4
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
us
sync.go.sonobi.com/ Frame 09F5 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTn4ruWBVyIUVXVHxhXfDijzOcPDzrsjUVachTDhJAtkaRbqNDdRYVcpJRqMn-LXpE6WC3GxokydnbFeHFDyzgPqvVvAQ%26google_hm%3D%5BUID%5D&google_gid=CAESEPEF6HRS-0oPn7m261PYV2I&google_cver=1
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-76
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 09F5
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOd2O6Kz-bOVj3oHlRi93Dk&google_cver=1&google_push=AXcoOmS5J1F4VF3tVMJlAu9pjbGgJYyG3q2T_6ZJH_95r6dQEalxdHWu4VK-KWEf9h94tZYLswRjZVXSBi0IpUAt...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmS5J1F4VF3tVMJlAu9pjbGgJYyG3q2T_6ZJH_95r6dQEalxdHWu4VK-KWEf9h94tZYLswRjZVXSBi0IpUAt4FhqKZ3Z4HA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmS5J1F4VF3tVMJlAu9pjbGgJYyG3q2T_6ZJH_95r6dQEalxdHWu4VK-KWEf9h94tZYLswRjZVXSBi0IpUAt4FhqKZ3Z4HA
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 07 Sep 2023 17:11:38 GMT
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmS5J1F4VF3tVMJlAu9pjbGgJYyG3q2T_6ZJH_95r6dQEalxdHWu4VK-KWEf9h94tZYLswRjZVXSBi0IpUAt4FhqKZ3Z4HA
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
gscw6-Uv9xvy2CNPKaS8Awjziiyh93OA4fcvwPbxNzUgdbAm-x0jOQ==
/
cc.adingo.jp/adx/push/ Frame 09F5 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEHFJ-1brlB-5VU9eKs0x-HE&google_cver=1&google_push=AXcoOmQZ94vtuyP2_QgaPo7mp3Vm0vP8i_dh6z_Pkvif7vHLwrl6m-1cPTSwxCw-7iadQhl7_rywE4KM1pPcFKwn_EP_XQBs1A
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.230.13.81 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-13-81.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 09F5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeDgTk9ffGlWTZJvYYzV1vQ7uNjVPK8CE8H1KA8fDZ_dkWqR44QDFmzrVUyiC_MxRc_PCA
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F4F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1kJ6CkbX8Lh3ak7bD2SvWaWM4WFPjbeNlSngPUxD8on60iAbofxwbIICwtQRGPPlxS4b6YYAYfO-i77qfA7kxeTXD0FTcKKsbXU1bVTdbHtnisKE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F4F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4840758945494097093&x=1&ct=77
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2F4F 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 2F4F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 2F4F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
11178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
l
www.google.com/ads/measurement/ Frame 2F4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqIyFjZjTIfF0jRp_cS1IbDKm2xN353XJPKLvSreogzEZNBCd55-mxNXMQfuy0st2O_BZAPejrX2RT0jxGR4QCkr5C7A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F4F 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CAB9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
383993
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 06:31:45 GMT
expires
Mon, 02 Sep 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 160E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Fri, 08 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C74C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=4006974417168763&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 28DB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:14:14 GMT
expires
Fri, 06 Sep 2024 12:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A325 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dc840bee9c75f9be79501bb274278e03bcd666f81ca274054936d30eac3eb843
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kFfADQZVIVUZTjMCzgdAQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
539
content-security-policy
script-src 'report-sample' 'nonce-kFfADQZVIVUZTjMCzgdAQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:38 GMT
expires
Thu, 07 Sep 2023 17:11:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame D0C5 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVX0BJUFDSNaJTiZVSDxND6HvrjbRgGD8fM6z8s8x7PjyDYMJu2w0_aElLNnCWfE_UjJUznjfSvKdeXmTdYJh6DUOXWH7sYOvdr1PTxj2SZmbWs1Rn8sCYeBP_7bnKT6zS-dciKa_ppVkla-eBQo708YcmMjEFq8cT-mOe-fy71ZCcZqCw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame B4E7 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/7916650952809395787/ Frame D43E 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7916650952809395787/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec76eff0c43cc54492c5aedd759cc74cf0626ad0d38ec0dfd6fed6960e86a9af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 16:03:59 GMT
x-content-type-options
nosniff
age
436059
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61925
x-xss-protection
0
last-modified
Wed, 21 Jun 2023 06:57:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Sep 2024 16:03:59 GMT
truncated
/ Frame D43E 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d293c88ac4a69e4639c2264aecd15890751f1972d5f9b98829db400260cac71

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 0A32 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960h2&_p=631426543&cid=626269215.1694106697&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694106698&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&dt=%E6%B3%B0%E5%9C%8B%E9%AE%AE%E8%82%89%E6%AD%A3%E5%A4%AF%EF%BC%81%E3%80%8A%E4%B8%80%E5%B9%B4%E7%94%9F2%E3%80%8B%E8%A6%8B%E9%9D%A2%E6%9C%83%E5%8A%A0%E9%96%8B%E5%AE%89%E5%8F%AF%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame AA46 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Origin
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 10:55:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 10:55:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame AA46 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AX8HVNCptU68C4IWlBUvEbwdfEhLYJeqYOJ9HEe3Xy2ZAO1CZZ8xqxndKdaP1lhqqrS6q4uSpJC0rf8GbFftQvGeqGEtdmeQuJ8p53VnwxkJUZc_L3qBhTL1wyEwEJmMVH-bd2T-YT6gM9QaTr2y8g0tFoj7qpoK01dJAUUq4-tmRp_uk&cry=1&dbm_d=AKAmf-DaHZxazEAYDzYJqSNvZKH3w7gKYeDdrvm2MdG9g-04FlJCHPUlC7qR4NZnp2rJYijEfqqjUn2Az4sM2MW9kY9hcWoYhqnYBb2Ld4MtRPNUB3KFSrM0tv7e18rmkEEbBQ9AQ2M62EDaankNzPYwOW42RnWkw4hhhZkboDBQDAaKgJ4myqLIRVNqpSMr5YkCi_VFDHi2Eo9XcTuvjfOL-m6mlgGkLm_hLzaIvEHa2UHdqs43lqZ7_ihW_8coJXSRm3Ov0dAdqZzsXoq0ulZSLbl1REK-BAbn7wX3Lv0loAccwMfQ51lRxnpna7Am3hndNquup2kd73MLWI2PAN_lTfmOZB3Xw6SkSbgZxsVwQAcKt1wTLmqhH6_rGSthYhnguSJQPKosd7ZQ2ssvPjk28G0F1hZRSyL0qo_qtItfzfCZPr3qjpI_p9mUcR4QZjjjmsBZvZp9uHkdBqjmqMl8EJRoteSSs0dZUvYyEtjpbRPdmrsvkUw5cqjhrc1YVhpXPsyoPoRPpzMStf88hEIZUFS8R3_547JBPjaupz2FjE5fi8L7aREWYs1iWZCpE6cG97hEcjaz8yWjQ6eQXftxKEVo-TgpskGxBRXL8Yz4YOylgdL_7UWvXr4SHZNQhAtMsP9p-DdReMPxlW6T5iJtEhHUw-Cb8TnQYRTa2bcX-oL94CjZooivexn_BoQBe_GFJMtLmBgsYdJzsCDxzcqCEFMvxsQSktV90RQMsATpW3BCKnTZ4auzGPNWtAjJnay9UYFDuL0PDyDIyKCsDMZodO4iRzTlrcxTde-0Rbr-3M_shdgkDpZbixAWlP5N3yBW7grAacglRCcD1H11TTaNYAQaax6HVWBlhTG21Vk8YuWqLH2sn-94tV-P-Ff6TN622jnSFx2YhakxZuzaB90I8ksxLZKwWWSJrcE-enfVnz5_2LY4m807JYHdTUs_3tsHEsJE92r5oFVwR9NA6QacygpcLSbOz0vDWbhXKFNctJ4M1WQ8Uz2k7ttsEIzLQt27QWvZO6GLTkA1ed6FMveJu06pSoAOBVo-naSr_7u-S_EyoR90bvaTzNTPo_1EkGkRwAWM1qoli4E7_dQ_LSSHisDQ4JYf7jlg5Vh3bpS-KRnSq0LOFCUE_kGaf1_2-p0lFFNllQbwJ0Tat070kCq7qyoOnj3AnbOKj6aXXOv7rYTCU3sjfRY9a6NoaSVt6aERNkAhg2Y7CK-5XM7BdZlj2cuuQgsotWkOHBpX98tIm2_lb42vroAE9-PKscB1xyY6XFF0no9o9BxCCY-OnNSw8JPtAnY_XclJjIxIeURCIhPU5NagOpC6y7T3PHLBnpCzXc_0dgnukhqC3gPz84eykP0biJ5qQ-K-zZWD7C1AsKEwE8Ndp5gDdkm6MdFTzqc0XldvT8RwYjIQgfoNDjAR77r_Igo_yHbOJSbnT7IBDq_n-qnIak_mLxgkol7g5ICbDtq7o8QFJn6zB2wO_G1bnUsMJWJIJhUq8M9JJvEtFuKQ97qtbHzxpQ0bjt0lQD7HCO1Y06XwBGshL5uXoD_I11BBjqhddC4plbdGuReGLPvg9XC3iTyQGIrXrY_7OMreB8WH68jeAIc-0o-0YhNxXsCgiWKrwvChhcPnmgscOCJqVCCgUpYiWkyirBkJzfWgNaea6Y8UH8VGnlV6feaRZeXWKbit0s021S11ZVlLqNaEWJE4qkx61huMcVzI-PuUmApK1CANXdE29AjFbLosJuD9P94_7FLqarY9y3olOyJbF7JjfGAUjbX-FMX5OAEkJ1difEhbcKjvNxxzTFL8FzzMeLE6wRsZP-ctpvZNRrtttYvBLIAf9xdtRGZdFp8HzAY3so9y_0_wRWg9O2GEAcv05LZWZH3CPkhgVofugLjyn1PfGJfOi-Xemg52jnU21PS70dizUxzPLnm3Ev5MRXDhsQfNUO93S7X7_lZyVPZlldVhC9jP09t1iEM46-ZqhHzL3cQJ7n4s2Vkrtao7__4lIPMiaLNZvjwoK1IHUlaXLWXD4xqyvILLOZ_Rvzk5et7hcwVAnFAhxOcR9Tw_m50CFJ75ZZMoUh0DiogH2_TM9Q8ALvAWGDM2a9Vg6i13nDAq7ZiFG3_vGBY5Wpjs3BVKzTE602Gu9wHBCqjbDxHt_1QjhDjG1kuo-Pga8q1JiD6JqA73lSw2_H2vvd2lRTbbap6Qgm9BtoirAXaiNKJEK4a0fGNJ5svDN-mlg1clQWC5-x8hlBDgpvxKlBPKv7HbFHm4r0aKphbeKaa6A88cOz01b1nbWrZ82aEE_uw0g08yIdFnM8bfldf70vuOyS2U49BGFHFW1odeabbRebxrKS-e7R1_XSMs27mZOMmKQvoaHvMLgdJS-tj6JgQOxRIV8IxdZ9mrYJhuhs_SS6UYIdyZP1lRH0npUTqgN5PdxHD6QujVj8rpbYkzsk7kLjl5W1wsIKgcfV6W8nra7UvsKacBWFj6pcLyMhr8r2XFI-tf0kEEwW1KKFTsVgRsZvxGOX66X6CCD71ynCGRJ3O6RDKBxtYY7c5MUj4nILB7i8P3j9iAt9AjqNb1-oZJF2ixFQqDLRDhFMU97kas_CBk8-2woJ8BaxAc-3xsi-W77zTz_nXNvTZGgNsUPap7-HmWhr2aj5xaEXasUJvnnyi5fMHxpMtNeUEDIyk8TCqI_Gjfuf6kGnf9p0u_WraJ1YfiNpDZKIYUUhS6r8mRby-X1b5pbOjcuGdaKuBqnqJa4j5WLgYHtearw3JFjZkX3m_nc1FtGkroqiPWz9p9AnwXg7ilRHMdIA6Nt0kzhQwrpwwkM62MNWWg_sPc_cc-7Dx3BgZt3x5sdwizpWqVN5EI4mYHtMhON5erpbJSbmB_JTA9g5M7qhvcMxw6N_2JjmU24oNaVl3SbW2b5R-4hKYPUcpHVXivh1hy-1vmqrNhMnNuFSKGnKTJ3AgBJhGNSqprfGuIhy_zH9Oh3k4lAKUPTDy3r7XIUqB3VImciZWDA0G3ScTsu7BWiJR4_YW_LJQXq4dSgE6W6VmCFU_3g-oiL6QY8yOvurpSL2X1eYcgEa3QsRWbzOBBOCWXD2FtwSI-n-ZT9e7fcjzdWqx9pgSspaOTjpo2qLXD7rSdCGa8z1xZqDXaeNBHJT7vUHUA6BkqvtnWC53wsWkUNHSOBHyBQT1MUKr37h7oRtFBi92gFFjkjTDjiEntPtWrJZgltb0c7t3PcoAa91i8K084zIwj5k6biHzWvPGKH0D4gvzjKyeP_RrraLWXG7Uf1MDm51vWds6U-hMJXkOFCch4_Zy9f-ita3hWfRS3er8UId9l10_K7IEpbUEnkEVRAjkVd0NwIlYRDir4FcuP_2uDhaMme5L2PA2Zukcp7DhPbOuapmch6QSixk4R_BhjSn8qVxpGimQhzp1u4zouuN33AmRMUyZ1GVunGubOFuZZ9tUMS9FLMc7ICgVsyzGsiigdk_uZ1ejhnab1IKQlsgDDHSE7qT4SEdwKnu-3SOXMzUpaFQN9PfqIFVjOX9rmIIh-ugIhTuf6jTC2TfgMU-lhPfwqzyGakTPrvZ_fswLNfsrg57jawz3U8kROQHKIDVhrWf5VM0XB66FZNXAOL723Ayv9f8onrNSKUsXF_0kl5-TovDDmMP58o9bP_SyAWm48Zx1qdEPvPDhg7DkkwYNKaIIlvQ3fK0IXzziHUarXcMAmjGTpiSqfu8JjZ3P9Gn_CEoi2yx0UVRxgy4tFlT91vSegPraTKv0YXlnM6tt8PDX6GBh_hrZ6ohHHcO7DcPoiAsrT1QwfHkLTFBBPqVS03JCBvR-AMfzlOWDYXF_xldA0rTpWjhQzGNK6pTg90s_m1gvT3KR7wKcfaP650UAZdW0sHtXaw9_48MYuK2XC3fMbPp8EJUHGT31ObClNuuTVHaLU8rcAFbsuR9qTw_8Mant3jJcMG1YW4AyKdMv4I_ki2OhvPfxaSbTz2wMYV8zxAWOM394hhoom3LfOqYqfgJSL33CmwVVoykSIqzgIrmy-LEzD-fcl2ioqoKD83rMxkeSShZ6S6NiWOOReIOYiG9qMBsXthHphPvZ0ckm1kTuNqnLGwPU_WUsMFb_Vs13MVy_wUnlyK11bgy1PfEtmw_i5bwEWrISpZ08ZETnP0uB5_aAt5DqWC9zbu8yd1Kc98_sSXyrIwabEG1AeHrmubmsHKcz9X-HmbQ4V-TUbMeKeIMAP-E4t&cid=CAQSPABpAlJW5nYksCHU_PLYtRqd3rb9O9hbxRvfaRVpl4_uQsoIHV2sE7WyDss_9fn14nJxu91B8o0B-sQAqRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=4725914183025405000&adk=496764934&idt=90&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:13:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
10708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:13:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame AA46 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AX8HVNCptU68C4IWlBUvEbwdfEhLYJeqYOJ9HEe3Xy2ZAO1CZZ8xqxndKdaP1lhqqrS6q4uSpJC0rf8GbFftQvGeqGEtdmeQuJ8p53VnwxkJUZc_L3qBhTL1wyEwEJmMVH-bd2T-YT6gM9QaTr2y8g0tFoj7qpoK01dJAUUq4-tmRp_uk&cry=1&dbm_d=AKAmf-DaHZxazEAYDzYJqSNvZKH3w7gKYeDdrvm2MdG9g-04FlJCHPUlC7qR4NZnp2rJYijEfqqjUn2Az4sM2MW9kY9hcWoYhqnYBb2Ld4MtRPNUB3KFSrM0tv7e18rmkEEbBQ9AQ2M62EDaankNzPYwOW42RnWkw4hhhZkboDBQDAaKgJ4myqLIRVNqpSMr5YkCi_VFDHi2Eo9XcTuvjfOL-m6mlgGkLm_hLzaIvEHa2UHdqs43lqZ7_ihW_8coJXSRm3Ov0dAdqZzsXoq0ulZSLbl1REK-BAbn7wX3Lv0loAccwMfQ51lRxnpna7Am3hndNquup2kd73MLWI2PAN_lTfmOZB3Xw6SkSbgZxsVwQAcKt1wTLmqhH6_rGSthYhnguSJQPKosd7ZQ2ssvPjk28G0F1hZRSyL0qo_qtItfzfCZPr3qjpI_p9mUcR4QZjjjmsBZvZp9uHkdBqjmqMl8EJRoteSSs0dZUvYyEtjpbRPdmrsvkUw5cqjhrc1YVhpXPsyoPoRPpzMStf88hEIZUFS8R3_547JBPjaupz2FjE5fi8L7aREWYs1iWZCpE6cG97hEcjaz8yWjQ6eQXftxKEVo-TgpskGxBRXL8Yz4YOylgdL_7UWvXr4SHZNQhAtMsP9p-DdReMPxlW6T5iJtEhHUw-Cb8TnQYRTa2bcX-oL94CjZooivexn_BoQBe_GFJMtLmBgsYdJzsCDxzcqCEFMvxsQSktV90RQMsATpW3BCKnTZ4auzGPNWtAjJnay9UYFDuL0PDyDIyKCsDMZodO4iRzTlrcxTde-0Rbr-3M_shdgkDpZbixAWlP5N3yBW7grAacglRCcD1H11TTaNYAQaax6HVWBlhTG21Vk8YuWqLH2sn-94tV-P-Ff6TN622jnSFx2YhakxZuzaB90I8ksxLZKwWWSJrcE-enfVnz5_2LY4m807JYHdTUs_3tsHEsJE92r5oFVwR9NA6QacygpcLSbOz0vDWbhXKFNctJ4M1WQ8Uz2k7ttsEIzLQt27QWvZO6GLTkA1ed6FMveJu06pSoAOBVo-naSr_7u-S_EyoR90bvaTzNTPo_1EkGkRwAWM1qoli4E7_dQ_LSSHisDQ4JYf7jlg5Vh3bpS-KRnSq0LOFCUE_kGaf1_2-p0lFFNllQbwJ0Tat070kCq7qyoOnj3AnbOKj6aXXOv7rYTCU3sjfRY9a6NoaSVt6aERNkAhg2Y7CK-5XM7BdZlj2cuuQgsotWkOHBpX98tIm2_lb42vroAE9-PKscB1xyY6XFF0no9o9BxCCY-OnNSw8JPtAnY_XclJjIxIeURCIhPU5NagOpC6y7T3PHLBnpCzXc_0dgnukhqC3gPz84eykP0biJ5qQ-K-zZWD7C1AsKEwE8Ndp5gDdkm6MdFTzqc0XldvT8RwYjIQgfoNDjAR77r_Igo_yHbOJSbnT7IBDq_n-qnIak_mLxgkol7g5ICbDtq7o8QFJn6zB2wO_G1bnUsMJWJIJhUq8M9JJvEtFuKQ97qtbHzxpQ0bjt0lQD7HCO1Y06XwBGshL5uXoD_I11BBjqhddC4plbdGuReGLPvg9XC3iTyQGIrXrY_7OMreB8WH68jeAIc-0o-0YhNxXsCgiWKrwvChhcPnmgscOCJqVCCgUpYiWkyirBkJzfWgNaea6Y8UH8VGnlV6feaRZeXWKbit0s021S11ZVlLqNaEWJE4qkx61huMcVzI-PuUmApK1CANXdE29AjFbLosJuD9P94_7FLqarY9y3olOyJbF7JjfGAUjbX-FMX5OAEkJ1difEhbcKjvNxxzTFL8FzzMeLE6wRsZP-ctpvZNRrtttYvBLIAf9xdtRGZdFp8HzAY3so9y_0_wRWg9O2GEAcv05LZWZH3CPkhgVofugLjyn1PfGJfOi-Xemg52jnU21PS70dizUxzPLnm3Ev5MRXDhsQfNUO93S7X7_lZyVPZlldVhC9jP09t1iEM46-ZqhHzL3cQJ7n4s2Vkrtao7__4lIPMiaLNZvjwoK1IHUlaXLWXD4xqyvILLOZ_Rvzk5et7hcwVAnFAhxOcR9Tw_m50CFJ75ZZMoUh0DiogH2_TM9Q8ALvAWGDM2a9Vg6i13nDAq7ZiFG3_vGBY5Wpjs3BVKzTE602Gu9wHBCqjbDxHt_1QjhDjG1kuo-Pga8q1JiD6JqA73lSw2_H2vvd2lRTbbap6Qgm9BtoirAXaiNKJEK4a0fGNJ5svDN-mlg1clQWC5-x8hlBDgpvxKlBPKv7HbFHm4r0aKphbeKaa6A88cOz01b1nbWrZ82aEE_uw0g08yIdFnM8bfldf70vuOyS2U49BGFHFW1odeabbRebxrKS-e7R1_XSMs27mZOMmKQvoaHvMLgdJS-tj6JgQOxRIV8IxdZ9mrYJhuhs_SS6UYIdyZP1lRH0npUTqgN5PdxHD6QujVj8rpbYkzsk7kLjl5W1wsIKgcfV6W8nra7UvsKacBWFj6pcLyMhr8r2XFI-tf0kEEwW1KKFTsVgRsZvxGOX66X6CCD71ynCGRJ3O6RDKBxtYY7c5MUj4nILB7i8P3j9iAt9AjqNb1-oZJF2ixFQqDLRDhFMU97kas_CBk8-2woJ8BaxAc-3xsi-W77zTz_nXNvTZGgNsUPap7-HmWhr2aj5xaEXasUJvnnyi5fMHxpMtNeUEDIyk8TCqI_Gjfuf6kGnf9p0u_WraJ1YfiNpDZKIYUUhS6r8mRby-X1b5pbOjcuGdaKuBqnqJa4j5WLgYHtearw3JFjZkX3m_nc1FtGkroqiPWz9p9AnwXg7ilRHMdIA6Nt0kzhQwrpwwkM62MNWWg_sPc_cc-7Dx3BgZt3x5sdwizpWqVN5EI4mYHtMhON5erpbJSbmB_JTA9g5M7qhvcMxw6N_2JjmU24oNaVl3SbW2b5R-4hKYPUcpHVXivh1hy-1vmqrNhMnNuFSKGnKTJ3AgBJhGNSqprfGuIhy_zH9Oh3k4lAKUPTDy3r7XIUqB3VImciZWDA0G3ScTsu7BWiJR4_YW_LJQXq4dSgE6W6VmCFU_3g-oiL6QY8yOvurpSL2X1eYcgEa3QsRWbzOBBOCWXD2FtwSI-n-ZT9e7fcjzdWqx9pgSspaOTjpo2qLXD7rSdCGa8z1xZqDXaeNBHJT7vUHUA6BkqvtnWC53wsWkUNHSOBHyBQT1MUKr37h7oRtFBi92gFFjkjTDjiEntPtWrJZgltb0c7t3PcoAa91i8K084zIwj5k6biHzWvPGKH0D4gvzjKyeP_RrraLWXG7Uf1MDm51vWds6U-hMJXkOFCch4_Zy9f-ita3hWfRS3er8UId9l10_K7IEpbUEnkEVRAjkVd0NwIlYRDir4FcuP_2uDhaMme5L2PA2Zukcp7DhPbOuapmch6QSixk4R_BhjSn8qVxpGimQhzp1u4zouuN33AmRMUyZ1GVunGubOFuZZ9tUMS9FLMc7ICgVsyzGsiigdk_uZ1ejhnab1IKQlsgDDHSE7qT4SEdwKnu-3SOXMzUpaFQN9PfqIFVjOX9rmIIh-ugIhTuf6jTC2TfgMU-lhPfwqzyGakTPrvZ_fswLNfsrg57jawz3U8kROQHKIDVhrWf5VM0XB66FZNXAOL723Ayv9f8onrNSKUsXF_0kl5-TovDDmMP58o9bP_SyAWm48Zx1qdEPvPDhg7DkkwYNKaIIlvQ3fK0IXzziHUarXcMAmjGTpiSqfu8JjZ3P9Gn_CEoi2yx0UVRxgy4tFlT91vSegPraTKv0YXlnM6tt8PDX6GBh_hrZ6ohHHcO7DcPoiAsrT1QwfHkLTFBBPqVS03JCBvR-AMfzlOWDYXF_xldA0rTpWjhQzGNK6pTg90s_m1gvT3KR7wKcfaP650UAZdW0sHtXaw9_48MYuK2XC3fMbPp8EJUHGT31ObClNuuTVHaLU8rcAFbsuR9qTw_8Mant3jJcMG1YW4AyKdMv4I_ki2OhvPfxaSbTz2wMYV8zxAWOM394hhoom3LfOqYqfgJSL33CmwVVoykSIqzgIrmy-LEzD-fcl2ioqoKD83rMxkeSShZ6S6NiWOOReIOYiG9qMBsXthHphPvZ0ckm1kTuNqnLGwPU_WUsMFb_Vs13MVy_wUnlyK11bgy1PfEtmw_i5bwEWrISpZ08ZETnP0uB5_aAt5DqWC9zbu8yd1Kc98_sSXyrIwabEG1AeHrmubmsHKcz9X-HmbQ4V-TUbMeKeIMAP-E4t&cid=CAQSPABpAlJW5nYksCHU_PLYtRqd3rb9O9hbxRvfaRVpl4_uQsoIHV2sE7WyDss_9fn14nJxu91B8o0B-sQAqRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=4725914183025405000&adk=496764934&idt=90&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
10798
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:11:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AA46 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
480623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 03:41:15 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1593509/73170905/ Frame 287E 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1593509/73170905/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014084652&ias_pubId=pub-3216231935713038&ias_chanId=1&ias_placementId=20454105566&bidurl=https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ias_dealId=&xsId=ABAjH0gbeobNGVybMARLQd0n3eEZ&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gbeobNGVybMARLQd0n3eEZ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.24.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-24-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
02aeab19d95da55371abf742de8294d97bd8c7cb3f8403cb6f36da9ec0d6968a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 287E 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 10:55:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 10:55:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 287E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BI3uY2KSrQJDq8Dvf9ZbveiOzRaLfUfk2WXG2spGfBhx6D663SSSxDrvS1-LXwKGBpr4JQNqeffhGT5C2KLHMOeIYw8KtVNmzyTmA_a2aCnMitJpXt7PXAAogMYWnv4fnJIhQmxRw5K8awkEh7gSxxp9HpXtWSOB0s4K70FNNTgvtUd6Y&dbm_d=AKAmf-A0H81ZneAsxQSHdO-QR3hW6ajMe_-keB7uJwLMFM6_wrSa-MgTzWwIMXnVMPG3VkcoC-9QQ9uMc26Ftz6CDoO5_foDYAwGcA6Vt7C_gic1gBSjEsDXfJCrqHsDYiaRggqJmwwX6YNC3dKG2GR_6CsVgNSAWJjoRYDQuCcjKra2verwdQ42-xXAv4pdo1evg1GCS8yKL-hj8aWDjs2q4L-Vu8XdXqwFjNb5ZrmNeDA1-wRXmCBnzoqddM79Q3pXNgJK-86vWFpOzmTtGk_CiTpGQl9d6AYZZlYJlWIby2u0ALP5N9qzhmRf7Zet-liJR_V2tYXoAsF-dCKDFR4bcZS2E8AlsIBouIVujuwGK-x7o0zcCzjcuhoAhOh5ww-YCM-aJeAfxW46rulD5ln_kxa-gTXGbpy1o_NY1eRJ8zkd5ZPeBC1zc7q91riq9H9k_BZf13SE6FtAmd-_H3faTt21bG9IJjGbFYapDa9C9JVCxzUjuU9rXdNDf1L3Hao3Z0f_FiVnmK5ka9UQ7ebLdSP8P1AWm7ZG5IZ9SzTtHZGrhi4fzcTmZng8JUbX33Ta-0opF4EGuO5rKxtBzuk5JzMwaq3bPk2VsbtdYEpcAMGc00z2APQ5zgEk336MFbGg58d0Xo7fiXRA9Yl8POep2yBGIIUUOUlAeFrBw49rsPsNZAO1XGH_kkA6v1_y3K3l0ZvBZCdDX9rEDepI2uCb_4jZzV6srf6XbOUS9V-fvk74phzfybZmYzay95evgsUrgUvyK3rc8-5HZ6famUQ84Isg_o9PNnHfJNHUJeKAVYOsJxYx2gWThlstBOaoeK7cSgkw-NXYofdxcsW-EipYgHycAXIJFsCbpgzvmu_Qm7EPQ07XmQnYxVotZCZ5lLhWQPoQCdfcxCHzCghHaeTcMSHFC57HW_fC54Ng6fJgtaZt9YnOXwLL0Bd6rxwaMNJSwW7E6wZqxKTAeN0l09tI4kG-4-AidCscg0EOYvwNNTaE-5E4EA5L6N95sXYZY2j9mbOvYk1hgCFbJJpY9itcuDrfpc4gE2uuw4BJWGknI_u27UcdyqS4rxfkGw7wyJvGb_qZDAMVkKnHxyoVt9z_Rwks1rZIryvxEU-m0_LEqAQ29HW2cqCefoa11bZqw_h3O_ExsufGOXzspRVQXXyNnsQWzDfKy9VoLtIL4wHc7ELMyNBq6B5piya3zde8xM53ucAHb0NoC9tDbjL3xelV6EJd5p1qTuaRJFOfkD_P1j81P28RvMQGkMgHWrxF9zsOixitJxBeA-ZRBxSkLvjOJvvVvcbFKhGAaSclXVpPezHAPFRQLD8YOuAoy9wXnI-hHvumR-yEcC1F3ZJXhbhTNYm4__O7gv-1TDJdTjSZcEH2FSlNEJ-mVKrC6-DWc220VvrnTMXFIhb36jC17SvfPgcazTgApzcmQdi-IvhBY4eRhJmt5OE5n0NsR7cBQlk1aO9rt6UcbRzHlftVkjM_DljBBUjkGzVfSU4B3nuWiWHxcbe5c0LrGYMOsCDCJj7J9MJbZ00qZXPR94WXYzKJf2_92wPB1Hec6couYL0yqYZIKltOfJg2tqM2_jUaeHxLqOmkZ2fn-7VAS2QOWyIViqNQfSb03L17MWJ8F7QL2pddtyUDG4y4-Mu0nGu-arjS-7XLK64Swjfyw8lfshsnhI8Y9DiORYO0MHDVIG4FUE8Z6N0IuzYOJTZrd0wtxz1zqfZ71vSt21-Z8xTrXxZD3SvzldW2v62qurBNJ7tOG9kExADbtu8iUAarMDBs7tlhOIl_OfX_VROvsyMQe92jR7cDuZFabeWAibsa4-5tCktIeATVC9Lk-VDwNIdeOOVP_rfRL1SjE-DMl-awzosRSuyrZmhF4-3xtAp9NWayhpbhGSXPAnA0pviwPsiCwpVWxsr3Bl_euBkUtvw29vLonbQQoLvhP8j-H89PZhpYFt74DBQZFeNn31cXslwKcHPwdUv49zHbrovaAL5LGs-b_6YpxDGjK96zNWWy-HrxNjlWSpvBAZgKC2XFxAyqzvRBWyRvcXOOFotm5eS9pFj_K4uTj1XEQrGTzbS6KZaazjt1ebYkoWYbhQOVoyCS0vTqj2aN780C75IKaJ9jZbGwtVtee5INIuFO5_p2FpChzFQr7SIKhquQ43MrxIu7MMY7SkgnTm6zkHsSubLXRy3wE5jSHTQgueZlzN3MeRp8RbAneU8ggOKTWiBgW2eJPp0V5x-turz9M-ZQ5ZRNiIHEEhuAmM5dvtjTHCVp5cmwjlL9eXZIleY7J5eUv4_39wBqkC6pIycTYUngMS9n57G5i2vrRK7ZHGTkCtgX9ipFpQlBItmeTh6PP9Mfn-nKif3DOyYsWQ76KFb9_JcyY3wU1HkbgrZBmy8-1oLxN5ZynxJJtOUK5fcT4GrfyybMyb-V79cozvKa2rfE-SEmh0z34Gjc5Sw_nNVzQLzeO4Sn4cwOm3jqyRvgMjbQ-JW5huSwaSASTahaGs8ABhtq5hOwiJcmMNpqUcO5AiYE_qmgOy0j1kf38By2PwF2xHbYcR973pkNW1Uqg_KsXJndU0FQcHnjONsJltDZ0epr_rmRwyQP4ZWAMhhZPXeT368fqLQAI5mahf1PBJU_sDaR1iAqMprfDL4wVXFkt-7qwDCASbLRLhj2Gc4wVd4-GoREWtFgjp-QUiA7o-Ox20gRuoum2zEQOS0KHzg0uc29zqzcG4L67N_rAIm1DXGuRYh8e9n-WkVzKXg1OIICUFWpHX6DwlW1aUidTur5sRAnrY2bXzYzoOa17tfVk0p4s_iSuQ8RCKIcqDKJpNYxKd3AfshYE0UvTtCI454AlNo21NHJmF0h3EqQERoCoK6ijLCWd5OM-50ZKN-bF2VXXQbQAaJdVkgkhsS4oWcIzIlUoJkheqkg-ZOFPKQtxPuFpLyLB0GUmA-5Ohzq2b7wIO4ZaX4Bo6ZzUlWxr0wXWGKEOhvxODBrYRE94gANk5aZroeNhm-wMv2i3xCdPekX_8QcAZlclgwsxgBnN2WfzgqAJ-WdOK-W1J_GeWjYQTmW45dRkvbhvZ3Qv5ZiUJR0ajEoxrvFn-lAexcT8lC8UyvIL9QwVBQ7B6Y-8lRI-JI2_Q_GZrR7m-D6MPoj4c6CSFOJCt9XRyGKF5y9tqVaStiAaU-I4WNC5wltY7w_YPIoxVgs_vd7GzJpkhuI9LGTfFy5HstZnDTZlRmRci3eSfNjdPGAbH7EOmIRU5SdUkedSYO-_70sA0-9aGug4dC-Zgj36J8udMKFrJiWi1jvyN857zjzRZz1sz8BCRFyFJtpVqo7llPHVhZjJuE7fsPKE3vNksBfw-sak46n2lEmm_n1JbvPXOr0uPS4G1Uby9-_16eJ2QkH_FC1h_5ug_bUz6zDYPpTSHQTvWJZRehL91st56BSlJcrjwz23Ln7MB3ptz9a7_RV3Wy0OuwttwCZWmeePrxcNC60emiAyakFvmAtcWynOuV9Nsy4irM1VTODMcsO5K1UybdP2YIHvZbg_bZDseXxD_k4RcGKruPFkZnScvvtjmIRyjkr_GguBKxXJY3ywCNGAyLtzL-GlcE6DYZOpAFMWfTUveis08ju1CpxjNNvddEeW5UaY5q7h9q7hC1SdiAiZ9ny0euqltUKgdQLYN4sa7sMviVMNovl5PZEtEviPXfDnElrHhYWFd0EW2imBzpDl0Cf0kE-Xw_RULvPbyG333bOduYtGE8iGMKWxOImcwt87sRBbzQ&cid=CAQSKQBpAlJWDy22xRtbXACHgjwGnzWKl55j9yThCq_p8gzqoCRk7Z2OO2XZGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=16276339330048705000&adk=2215386029&idt=117&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:13:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
10708
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:13:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 287E 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BI3uY2KSrQJDq8Dvf9ZbveiOzRaLfUfk2WXG2spGfBhx6D663SSSxDrvS1-LXwKGBpr4JQNqeffhGT5C2KLHMOeIYw8KtVNmzyTmA_a2aCnMitJpXt7PXAAogMYWnv4fnJIhQmxRw5K8awkEh7gSxxp9HpXtWSOB0s4K70FNNTgvtUd6Y&dbm_d=AKAmf-A0H81ZneAsxQSHdO-QR3hW6ajMe_-keB7uJwLMFM6_wrSa-MgTzWwIMXnVMPG3VkcoC-9QQ9uMc26Ftz6CDoO5_foDYAwGcA6Vt7C_gic1gBSjEsDXfJCrqHsDYiaRggqJmwwX6YNC3dKG2GR_6CsVgNSAWJjoRYDQuCcjKra2verwdQ42-xXAv4pdo1evg1GCS8yKL-hj8aWDjs2q4L-Vu8XdXqwFjNb5ZrmNeDA1-wRXmCBnzoqddM79Q3pXNgJK-86vWFpOzmTtGk_CiTpGQl9d6AYZZlYJlWIby2u0ALP5N9qzhmRf7Zet-liJR_V2tYXoAsF-dCKDFR4bcZS2E8AlsIBouIVujuwGK-x7o0zcCzjcuhoAhOh5ww-YCM-aJeAfxW46rulD5ln_kxa-gTXGbpy1o_NY1eRJ8zkd5ZPeBC1zc7q91riq9H9k_BZf13SE6FtAmd-_H3faTt21bG9IJjGbFYapDa9C9JVCxzUjuU9rXdNDf1L3Hao3Z0f_FiVnmK5ka9UQ7ebLdSP8P1AWm7ZG5IZ9SzTtHZGrhi4fzcTmZng8JUbX33Ta-0opF4EGuO5rKxtBzuk5JzMwaq3bPk2VsbtdYEpcAMGc00z2APQ5zgEk336MFbGg58d0Xo7fiXRA9Yl8POep2yBGIIUUOUlAeFrBw49rsPsNZAO1XGH_kkA6v1_y3K3l0ZvBZCdDX9rEDepI2uCb_4jZzV6srf6XbOUS9V-fvk74phzfybZmYzay95evgsUrgUvyK3rc8-5HZ6famUQ84Isg_o9PNnHfJNHUJeKAVYOsJxYx2gWThlstBOaoeK7cSgkw-NXYofdxcsW-EipYgHycAXIJFsCbpgzvmu_Qm7EPQ07XmQnYxVotZCZ5lLhWQPoQCdfcxCHzCghHaeTcMSHFC57HW_fC54Ng6fJgtaZt9YnOXwLL0Bd6rxwaMNJSwW7E6wZqxKTAeN0l09tI4kG-4-AidCscg0EOYvwNNTaE-5E4EA5L6N95sXYZY2j9mbOvYk1hgCFbJJpY9itcuDrfpc4gE2uuw4BJWGknI_u27UcdyqS4rxfkGw7wyJvGb_qZDAMVkKnHxyoVt9z_Rwks1rZIryvxEU-m0_LEqAQ29HW2cqCefoa11bZqw_h3O_ExsufGOXzspRVQXXyNnsQWzDfKy9VoLtIL4wHc7ELMyNBq6B5piya3zde8xM53ucAHb0NoC9tDbjL3xelV6EJd5p1qTuaRJFOfkD_P1j81P28RvMQGkMgHWrxF9zsOixitJxBeA-ZRBxSkLvjOJvvVvcbFKhGAaSclXVpPezHAPFRQLD8YOuAoy9wXnI-hHvumR-yEcC1F3ZJXhbhTNYm4__O7gv-1TDJdTjSZcEH2FSlNEJ-mVKrC6-DWc220VvrnTMXFIhb36jC17SvfPgcazTgApzcmQdi-IvhBY4eRhJmt5OE5n0NsR7cBQlk1aO9rt6UcbRzHlftVkjM_DljBBUjkGzVfSU4B3nuWiWHxcbe5c0LrGYMOsCDCJj7J9MJbZ00qZXPR94WXYzKJf2_92wPB1Hec6couYL0yqYZIKltOfJg2tqM2_jUaeHxLqOmkZ2fn-7VAS2QOWyIViqNQfSb03L17MWJ8F7QL2pddtyUDG4y4-Mu0nGu-arjS-7XLK64Swjfyw8lfshsnhI8Y9DiORYO0MHDVIG4FUE8Z6N0IuzYOJTZrd0wtxz1zqfZ71vSt21-Z8xTrXxZD3SvzldW2v62qurBNJ7tOG9kExADbtu8iUAarMDBs7tlhOIl_OfX_VROvsyMQe92jR7cDuZFabeWAibsa4-5tCktIeATVC9Lk-VDwNIdeOOVP_rfRL1SjE-DMl-awzosRSuyrZmhF4-3xtAp9NWayhpbhGSXPAnA0pviwPsiCwpVWxsr3Bl_euBkUtvw29vLonbQQoLvhP8j-H89PZhpYFt74DBQZFeNn31cXslwKcHPwdUv49zHbrovaAL5LGs-b_6YpxDGjK96zNWWy-HrxNjlWSpvBAZgKC2XFxAyqzvRBWyRvcXOOFotm5eS9pFj_K4uTj1XEQrGTzbS6KZaazjt1ebYkoWYbhQOVoyCS0vTqj2aN780C75IKaJ9jZbGwtVtee5INIuFO5_p2FpChzFQr7SIKhquQ43MrxIu7MMY7SkgnTm6zkHsSubLXRy3wE5jSHTQgueZlzN3MeRp8RbAneU8ggOKTWiBgW2eJPp0V5x-turz9M-ZQ5ZRNiIHEEhuAmM5dvtjTHCVp5cmwjlL9eXZIleY7J5eUv4_39wBqkC6pIycTYUngMS9n57G5i2vrRK7ZHGTkCtgX9ipFpQlBItmeTh6PP9Mfn-nKif3DOyYsWQ76KFb9_JcyY3wU1HkbgrZBmy8-1oLxN5ZynxJJtOUK5fcT4GrfyybMyb-V79cozvKa2rfE-SEmh0z34Gjc5Sw_nNVzQLzeO4Sn4cwOm3jqyRvgMjbQ-JW5huSwaSASTahaGs8ABhtq5hOwiJcmMNpqUcO5AiYE_qmgOy0j1kf38By2PwF2xHbYcR973pkNW1Uqg_KsXJndU0FQcHnjONsJltDZ0epr_rmRwyQP4ZWAMhhZPXeT368fqLQAI5mahf1PBJU_sDaR1iAqMprfDL4wVXFkt-7qwDCASbLRLhj2Gc4wVd4-GoREWtFgjp-QUiA7o-Ox20gRuoum2zEQOS0KHzg0uc29zqzcG4L67N_rAIm1DXGuRYh8e9n-WkVzKXg1OIICUFWpHX6DwlW1aUidTur5sRAnrY2bXzYzoOa17tfVk0p4s_iSuQ8RCKIcqDKJpNYxKd3AfshYE0UvTtCI454AlNo21NHJmF0h3EqQERoCoK6ijLCWd5OM-50ZKN-bF2VXXQbQAaJdVkgkhsS4oWcIzIlUoJkheqkg-ZOFPKQtxPuFpLyLB0GUmA-5Ohzq2b7wIO4ZaX4Bo6ZzUlWxr0wXWGKEOhvxODBrYRE94gANk5aZroeNhm-wMv2i3xCdPekX_8QcAZlclgwsxgBnN2WfzgqAJ-WdOK-W1J_GeWjYQTmW45dRkvbhvZ3Qv5ZiUJR0ajEoxrvFn-lAexcT8lC8UyvIL9QwVBQ7B6Y-8lRI-JI2_Q_GZrR7m-D6MPoj4c6CSFOJCt9XRyGKF5y9tqVaStiAaU-I4WNC5wltY7w_YPIoxVgs_vd7GzJpkhuI9LGTfFy5HstZnDTZlRmRci3eSfNjdPGAbH7EOmIRU5SdUkedSYO-_70sA0-9aGug4dC-Zgj36J8udMKFrJiWi1jvyN857zjzRZz1sz8BCRFyFJtpVqo7llPHVhZjJuE7fsPKE3vNksBfw-sak46n2lEmm_n1JbvPXOr0uPS4G1Uby9-_16eJ2QkH_FC1h_5ug_bUz6zDYPpTSHQTvWJZRehL91st56BSlJcrjwz23Ln7MB3ptz9a7_RV3Wy0OuwttwCZWmeePrxcNC60emiAyakFvmAtcWynOuV9Nsy4irM1VTODMcsO5K1UybdP2YIHvZbg_bZDseXxD_k4RcGKruPFkZnScvvtjmIRyjkr_GguBKxXJY3ywCNGAyLtzL-GlcE6DYZOpAFMWfTUveis08ju1CpxjNNvddEeW5UaY5q7h9q7hC1SdiAiZ9ny0euqltUKgdQLYN4sa7sMviVMNovl5PZEtEviPXfDnElrHhYWFd0EW2imBzpDl0Cf0kE-Xw_RULvPbyG333bOduYtGE8iGMKWxOImcwt87sRBbzQ&cid=CAQSKQBpAlJWDy22xRtbXACHgjwGnzWKl55j9yThCq_p8gzqoCRk7Z2OO2XZGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=16276339330048705000&adk=2215386029&idt=117&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
10798
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:11:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 287E 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
480623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 03:41:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E056 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Fri, 08 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 287E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cec730ded36ac4eb2b92c02a7c8eb64029564de90408a9db98851197c724309

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
partner
sync.search.spotxchange.com/ Frame D0C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN77VSpQgU6MlhaE66k95y4&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame D0C5 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame D0C5 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNVX0BJUFDSNaJTiZVSDxND6HvrjbRgGD8fM6z8s8x7PjyDYMJu2w0_aElLNnCWfE_UjJUznjfSvKdeXmTdYJh6DUOXWH7sYOvdr1PTxj2SZmbWs1Rn8sCYeBP_7bnKT6zS-dciKa_ppVkla-eBQo708YcmMjEFq8cT-mOe-fy71ZCcZqCw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E8CE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29691
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Fri, 08 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame AA46 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76432cd24d12b969e8690c3c2dfbaea8405cffa4809869e64f35b2fcbb3d4cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 160E 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBjsvPlvZBIQIXaj4BjSHQE&google_cver=1&google_push=AXcoOmTqGymQ4Q7RWPgSgMHY2TLNGtsisGnOiNwXhiaJtnftxbqrvfCeaflywFSsu4I2q-57PG1wI4l_GOTu4kOnyJ549K29RJjX2alEIE2cGp8jgKwFmPk8rQHapnE8n88YYywdQ8_UngSJMh8OwuRDyMX6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 160E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VUJCQ2t1SlkxUUVpeEE1&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmS-Xu3peTAFgEmNBXvO4TJ0ivy3HE5uY8gthqBL5Bc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VUJCQ2t1SlkxUUVpeEE1&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmS-Xu3peTAFgEmNBXvO4TJ0ivy3HE5uY8gthqBL5BcczVhX9fb5iep0eGkiGc2Gz6GHHB-faV5WHlZZ9JS-SvcvVTB9v-YNOiUZ-WdmhRqxAhlFf4NrW3uIRSKBzFuUbSwIo36yEL5DDSb6eoEd25Y4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:38 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0310c9e42ac8c94ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VUJCQ2t1SlkxUUVpeEE1&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmS-Xu3peTAFgEmNBXvO4TJ0ivy3HE5uY8gthqBL5BcczVhX9fb5iep0eGkiGc2Gz6GHHB-faV5WHlZZ9JS-SvcvVTB9v-YNOiUZ-WdmhRqxAhlFf4NrW3uIRSKBzFuUbSwIo36yEL5DDSb6eoEd25Y4
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 160E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFNkeretEaFM72T6kmFHi5k&google_cver=1&google_push=AXcoOmRbgh2qzgJoxguLc3rKLdpMYIVSUpMO9QD5e2oj9ubUkBxymAbyy8NLyRuGnx0DZhx-noq5V1f2qtWQRwvhTDO84o_WPPG-aWPAfNLNaYnT2CRTv54gJQaVC1kSH1_R7glS2H3PprNxULra62Cj2Ss
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 160E
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOXt3wY_r5hIPCJ4IM928Mo&google_cver=1&google_push=AXcoOmQbyZJSHOXXDZjqv7NtdSVM-Wq5-bzBHb_acRvsp4AUpDoQIz_lshvCKVaK7QyjlS17Avf8prJbbaGtesiAk...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOXt3wY_r5hIPCJ4IM928Mo&google_cver=1&google_push=AXcoOmQbyZJSHOXXDZjqv7NtdSVM-Wq5-bzBHb_acRvsp4AUpDoQIz_lshvCKVaK7QyjlS17Avf8prJbbaGtesiAk...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQbyZJSHOXXDZjqv7NtdSVM-Wq5-bzBHb_acRvsp4AUpDoQIz_lshvCKVaK7QyjlS17Avf8prJbbaGtesiAkOFva-tnntyCn1-edsHiJAugdiN1eRBqVQC6MC0Jl_-3J...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQbyZJSHOXXDZjqv7NtdSVM-Wq5-bzBHb_acRvsp4AUpDoQIz_lshvCKVaK7QyjlS17Avf8prJbbaGtesiAkOFva-tnntyCn1-edsHiJAugdiN1eRBqVQC6MC0Jl_-3JhLNxLOjHTKLmOT0lFW_qKZd&google_hm=HSEnuGZH5Ev5rjo3QZaafZYs
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 07 Sep 2023 17:11:38 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQbyZJSHOXXDZjqv7NtdSVM-Wq5-bzBHb_acRvsp4AUpDoQIz_lshvCKVaK7QyjlS17Avf8prJbbaGtesiAkOFva-tnntyCn1-edsHiJAugdiN1eRBqVQC6MC0Jl_-3JhLNxLOjHTKLmOT0lFW_qKZd&google_hm=HSEnuGZH5Ev5rjo3QZaafZYs
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 160E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRJdV3N0QKwSMF1FoZKyohCN1srDkiCeG-R3cKpPsbqWnMCn3xCXW9H5jo0fYpa9xsNdiJRIHBxmm9LKiUJb_5SMVNV1UQpOHwKUIdp7fSHzY1_6Vupxqn-fmiuCwy...
  • https://sync.targeting.unrulymedia.com/csync/RX-81148098-47fc-4c20-a971-cefde0d48ca4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRJdV3N0QKwSMF1FoZKy...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRJdV3N0QKwSMF1FoZKyohCN1srDkiCeG-R3cKpPsbqWnMCn3xCXW9H5jo0fYpa9xsNdiJRIHBxmm9LKiUJb_5SMVNV1UQpOHwKUIdp7fSHzY1_6Vupxqn-fmiuCwyDsFSd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRJdV3N0QKwSMF1FoZKyohCN1srDkiCeG-R3cKpPsbqWnMCn3xCXW9H5jo0fYpa9xsNdiJRIHBxmm9LKiUJb_5SMVNV1UQpOHwKUIdp7fSHzY1_6Vupxqn-fmiuCwyDsFSdimvz_ZRqsyA5P8ObiQdn&google_hm=A4EUgJhH_EwgqXHO_eDUjKQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRJdV3N0QKwSMF1FoZKyohCN1srDkiCeG-R3cKpPsbqWnMCn3xCXW9H5jo0fYpa9xsNdiJRIHBxmm9LKiUJb_5SMVNV1UQpOHwKUIdp7fSHzY1_6Vupxqn-fmiuCwyDsFSdimvz_ZRqsyA5P8ObiQdn&google_hm=A4EUgJhH_EwgqXHO_eDUjKQ
date
Thu, 07 Sep 2023 17:11:39 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX8114809847fc4c20a971cefde0d48ca4003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 160E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG48BwAY6YMCNdAakddmtXk&google_cver=1&google_push=AXcoOmTTNhFgAVhYy79_a1FROQxI0NfSWL3EGbCWARUkJfevdNPbsrlP2pkyRaPp_A3LblqtmVaL9h-0LeeNoMWpnzcsCz0C7e...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTTNhFgAVhYy79_a1FROQxI0NfSWL3EGbCWARUkJfevdNPbsrlP2pkyRaPp_A3LblqtmVaL9h-0LeeNoMWpnzcsCz0C7eX...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NzgzNjYwNzY4NDM1OTMwMzk2Mg%3D%3D&google_push=AXcoOmTTNhFgAVhYy79_a1FROQxI0NfSWL3EGbCWARUkJfevdNPbsrlP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NzgzNjYwNzY4NDM1OTMwMzk2Mg%3D%3D&google_push=AXcoOmTTNhFgAVhYy79_a1FROQxI0NfSWL3EGbCWARUkJfevdNPbsrlP2pkyRaPp_A3LblqtmVaL9h-0LeeNoMWpnzcsCz0C7eX5Dv9gI0IdNf0H5s63UmKuSpcrasgS-xeos5eiGPaNIAD7e_eYH8cCykqB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NzgzNjYwNzY4NDM1OTMwMzk2Mg%3D%3D&google_push=AXcoOmTTNhFgAVhYy79_a1FROQxI0NfSWL3EGbCWARUkJfevdNPbsrlP2pkyRaPp_A3LblqtmVaL9h-0LeeNoMWpnzcsCz0C7eX5Dv9gI0IdNf0H5s63UmKuSpcrasgS-xeos5eiGPaNIAD7e_eYH8cCykqB
date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
report
sync.teads.tv/um/ Frame 160E
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELgFtls2plvn...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSKLVsHccEqgvB2f7ifcCClmSZOehk61k08o1Q_QuL6E5EYahY1l6MmTTaV93dXraa2hFocIT4HWgiDPX0-HVvf3XnoVbcW5m7y5IIzcZpF9mU5m...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Thu, 07 Sep 2023 17:11:38 GMT
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 160E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4zJ-avjpYQNNmXHmVdmvSsIarHuH5NYar5onU_zd3O7qb4Mawf1-uOPZzOcpVfvAHgOcAag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F4F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=987332488391&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F4F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=987332488391&version=m202307240101&ct=77&x=1&cor=4840758945494097000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2F4F 		15 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASuUBUTHoXyEatwyEZzkOsoyUftdmCD4wojFENEe-M62xnyfRUqbBIst3XcZ94ehQ_w1Mdt8Walc7rG68otM_KF-1KKpqckSZI1NHdxwB5uN6J_5l1hmLtDiyj6Yt6eZS4u5_NbSUziuog9RrlhYVeuj64nAtLsMQuYat5AjHPu6-3XX0&cry=1&dbm_d=AKAmf-CeWh8TKjYmfHEsn0jjK9W22_nU8AFJ-CP5mf7qmeL6Vu5ek5s8u8EjnzggaIBrrMlEDWA191NosXLF421Oq_dBPihSGiyA0aB3HCR5Y0ttpUaykGrbaCphwoqzIvflx1p9k3svj5if8TSZkPVkbK6LEin0DCja0hW4815I8qS2BzQ2AHOPemyv_SmsNM6YVc5zkSsxCFbUdL7TfrWDdd2uZXFhCAtUMl-PPjVGyL7xOeJrbdRT9a8fNkWVC5M7y-vtNg-OATn6PkrhSEumNulPtKQjfrLmn2Q9N5Gs8wKZ8DG5UUgqOTI2nVT3C5faADHt9rd3FwAeA1Vv_Dqfl8ESFVwri4OiDnkKS3l8DGk44KwUte3NVcCNV--pdV91KfIn65Ee8PxYhdup7FZ64FSIJweRlQ4qN_UnRoHvNV6Bh7IvmcIDTi0e8WMfb9vgwfBlWGS5NBQZmZnYmXe7SqgxP_dklLUEmD5zJN8aKT4rzWV2HGMhUuLNSFOMXMCdcDFsS8pFKoE372Y61Mr9Xe5NrEL1EQvZSZMCEwLWhI2ywosN0ft9G7vIsP8BQcpSlBAS_KWV8IdJvrvjTEKlaT0FTDIakLEJu28mT5kkoFSpF-kpOpk2D0vMW7dU_CC7aqEeKpKl7UdjWv2jxJBT3PPBPjLfP8PJ6DmfyMp2oQhzBmtCsoy6Fs875_5nPWyJDCJb0Ctb3Ira-WfqgskunJD4kOzP_qgSu7O9Z36aaWZog-iMUcNg7Npv-DCCxntdNWd7rRNZtvZO9USuZdMXrEL1p3bLpGzY06FAklRYLpFTDNeCGGxmDYD_Urutm-wIia9VCbGshVF6XdW9NBUBdzQMcWxzYsff9gQZY8ozcxH0yQL5BqPmFWVOHpdJCSCi60RmzNlfk8N-ecHrwK8y6sWVaU7_84674gNquYv3Ypb_07REoLX_o2sCAsFRORfq9iXBnMF7sKSmul2kGdvKEdXaD_qgWqUUi5VBcugI5s8tN8YwfOOMryIX80R_whSNuz6jGBy1bUQqdKYJvGCnd8I7u6lklbfLcXSxymllvNXw7pkf83_iQ2e3Wqe708qz7Nr5ALJQoRki4yUMCOBWsHZ8d_gZpM0QQWBNeYkYQ5DVOPKmOxh31zWHo7w6E3viuj7zfofELxv1VXpBGnwRE1-yw5HTKHgjxc-va2VyqVRtvgrTZktUcpeRqdKi3SQ0bRitsyPY-OZ1Tqvf2OkoxIbaA0u-M2fJLhjmh3SqCWXgGP2T2eYdBl47qoq01fMND75r3GMco7Sli_cB2ZHxJE76D81okOCKowZ1RXR3GMckc4AAvJjpPosoO7GxZQzy0LdZzOu0DBd6Nw2hzlp_W7q6pVdiRJpFZW7l6WEnhgEC4ilguMPfoMUw15PFW5cmrJNY0J3qxCeua5ABLB44g8HmphbK9c0rEUW43yF7UC_WVf-6HktURL-F3As1msHNpFHcZHrvBt4LD14WiU0L3bmMvTKGpbSHqtJrFJZtzUuWRdrXWSYvhjo0gsLScPESKVKB3cvC-5Y2uxTu5S4aPG8JFbK6z-TwyYW8SGfyiwxNdLELUOKg-7u6-fHtGt4gHtuBZPAZtg99UVdTwZz9aILdPOmbK6FQU80koF-ZoVyWrP4wjiGJXe1z9t9TMOcaYCAl-_52x8t5UV4UvvRvzpm1DWm9aG_4wnEnQ-OF2cV-q1C3MojrOwQZB19Bizxl3DYfRirvon_2WR0YTRek1HGry68eUcBTUvDhmGKHdrGop-5yjjqZ67n5YS6oi93rUVwX0gU1oTcDRZS4KmbBktUkqrewtQI9YArWJddxqJn44ylA23rIceg0uCmP_kVN3QaGGvcHctl6xkdUVUyKE7fABYe1jN3ukrlQFPt87FWa1ktsNeS-bCAdHfxH6dUaAuUlOIn4yoxS__s7NsPUujFc6Tse3wj7bFChxVH_99paLVV7QFNtof4GCLUeCC5zbdGDQx5K8Trog0sYHLZUhjhySrquaTAVnMgnNgI5TwQPpTF1XRloz6Abtwb0W5JDCV7hr_40HeBFGbNIQLxbs0KqA_o0TuYjZW1_PO6ldpf1mIUmasPmb--qpGdHVu2LVarpkMBTeeUEOyUNyxttLYNFvzaVe_iZv2CkM_ednDOEERvnwdbM2kx5gLb3Z48vmrjAfb2DxQp4dAJ-6juSDShlvwaW9bKfWe6InEvY-ojIj6GsIN4o7BbrLLvLjVPUXOzqdYO7nannPQIM_r5LFCzDF7pu17RMOR7MWBwyeF3mvkhLHAE123f_zaeRF8EWGEu4oJpkMRUiUUnsjul8r76fgreZ-rZDBN-Jrgi6nxXFNwFAfxKvO7at2_yR0yDFQQ0sSg7BjFY8WFVaNqwWiyc2A-PkxGJrywY_hUKSRsMtrXjR6FB8v3qcT1YXhHTqe2yVcaSBaUKzvDK5vgKsVa4RTPLamg7zu207ugdvEiDPyexnpm7s9JQLNprz-nKEft9IfmBHWhf67SZMFbTOXLe13z_oltU1SkDT2F6W1Ir9JOf0AD3pKUgwigpQEVLo-QU8SarOPSy5MFWt7VfgnXTjkzs-qiyacztbKUFd2_FCs8hkfV4ZzTGvchqBIGalqv-7tmDDWdRBXLtZAvKWip6Mc8y_J0T-i8eVqUmlYLvtvvQNByKykJgmbEd3frl4FGjVLy4MrWOVvYVSUMFB1IlMu9YCbG1sl6ajmX7Xn52xnCYVJ5afCY7MyOZ6_uTIEMQRmB_qJFK2uGob8PZuT17MBfUZPQBmuuxCN4DJcHVXAUYTW2_1GdjLdpPQGQ-Io6qzUhlF7ZJqWgInJm4GL0FOL5R6i0dogjkWdjyFHfdzEBS-yPhAHROnGRYCxucP9ukO-tPtNgHyRUSZU8V6wiZUuix3NrBtV37B_NQ1Bsnf1w3XZH9Qv1XcR4GedZajbE8TNneW5ihVsl5uDt46A8qZ9M0YzCucmngETCboA72wt-EMXDWckv0-43iQmzbB2xKj6X59lq5tkDHygGYMYViHqtMIHA25s5QY7XGsjpjdHjKuBS6WAKPqX7Q3EKW8kva7CalIB9fLXR2xRJhsK0aTj6teVzxslbiB4-qnlkktW4v10jQBhcR0tRYOtvf-GpI6r_7S5HLnrPUFTQQH0ANG8eOgRk2EdNH50VF8bxnMYMVV4V_iDyKE0DvgWEwBlbAxRo0jIbfOV279jJkN_rPu2DL51B8PpUlkeserCbSHmL5BiL4RDCV7UrvNpayvRJcq4ijXvTCx6mrF7ViDuxALW5fVs3WtmfdM479YGv7XpCu93TEbqJQu4ygIgn8RlB6NoCsjrY0l17bbZU18beJXRfc8FROyJvABEz21SvhGvstwM3p5KVB2_Ioi7G07Ko82_bYESD6_ppQRxa-UCwPZk4Kw9zq_ioCde7nqDcTCtjJRsCsFe36rJkiStqwr8diwvimHjYrZWzyU8s9ybgREAO5SK0PBdOlRWbPAEzXqyMGQIk6tBXF2L1xGAOrC80CHD0IAdcIJTueg6yC6RHt1C8Jt1KzCAgbkvLzdyB2Fp6iUS6ks-aDcgerF0vYl45ShAnV24eBzvs9ehLNWQRATTlmZ3rx4508t314W-6WpzH8ckPHi_NZqFvbgpzlzq2A92afTCLnTFGQdP_WzUQGvV-f2DZocEuFnGjiwxV-wtKeGAM7xc2R64pyjGGy3aZg1WypfvICIO1-cHanDA3onW8typh-oM3GE15kV71pXUFteTHCdN55gRO8o7FqibzsAtVvVtyXYZMOjQjB6GXI-pRKicIh3WYT0D1-SYlJGtTWdDmY&cid=CAQSPABpAlJWEB6A81zNbRy3C2usUYSwgSuhW6vxQcsOyc3LHlqKIca0gn5k7VaZ_LIhnu5Cq7OBWQ6qrkSchxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=4840758945494097000&adk=2124396030&idt=97&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beed20444984184c71e466569f94a363163a263d0c8f3047a4f2ffd1d9e27e75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11764
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame D43E 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f24bf6841d661f467381737dea4e315911bc7692e029996c55fc5ae685221be

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame CAB9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
/
track.adform.net/adfserve/ Frame B4E7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=67239502;rtbwp=ZPoESQAAAAA19kpNc_cfm-SJ_jc6VWnJTd9OMw;rtbdata=xBfg_STlYgJhKvCouDY6wWMSrAGDkUclh5KFgSjFbN3WcrgwG6P2zTBuS21ffYgDqOTVC03hI_qZZH8nIeIWSPVW82MN7Zs6o5nGqfv2HrVI1fPuTs7DOGro13GqTpuXaTDbwrDTJ7nDM8p81EzY4L0YwHBrJXRBHEyJKBdPm2VdJLbu-J0XsRfnwn8PXSowxHU2WZclDNKQcrRkc6idGpukrpgOrEY1Mxdgt8C1-QE2kI5-7Q1yNlKOWOb-d961LT9NwOdtiFXAh9dL5n6_CR4W-16Be36rBZLwYsja3OLII3PM3OkJpTZ70UK--H0IX6CoDkvzFHymYorq8wYIOtN5avUY3xrh0;js=1;adfxid=1x;9009;set=en-US|en-US|1600X1200|0|250|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e0b65ccdd8685afe8be8ca812f3c51634ea1469e4b57ee6dcd07803bde6590e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2919
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ Frame A325 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240102&jk=343052364237571&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
index.html
s0.2mdn.net/sadbundle/2260711041913871990/ Frame F1AA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2260711041913871990/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9010ab3abfe3a90b78c2b656ab60b57c29a2802b033e22f38a5acddc3b865edb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
176215
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2452
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 16:14:43 GMT
expires
Wed, 04 Sep 2024 16:14:43 GMT
last-modified
Tue, 05 Sep 2023 12:12:15 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AA46 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCWQYe-lfYwO_jla9aVW8_8ZqAurwmthLszNWsd-wRnojquZZfTpTuE1rbY1b2-PB86vqv33_W4hqYFl90-LndT-_KhLZAhVfbsyyUZmBGehmoTifHnTR4zgc4KkX7yPoLznI-rx75bNdy81IEpRtu3c3aWp92wbs4pkQfiUU61eAT-LpbAP-ULMrDtRh7rm3GSo8d7xXHVC8ga1DIjdbobY1NMokXR782fOeaKfOF9EoH03CVyf1w7b-DX3-8conqtAcd2QOqqM_hBfvsnh7-Mf2oyASejANWhIHhunHwRfBOPhCdiuWopNmqDu6spw328GwAuvCbRboHOsSuGDZj0LFMdV_EonT_xGBN4fqyf3Zyu02s-WCojOnt4ouCVTcCqY-_RbKtvGIQQGSr5knlqeqCDnkTkmYnsjuppBHdpEdwYzjd55z0D5icfNKb_6obpfJBGR1nHcG5Gz-WFkaTHSVafdsGyCN2V_2Db-y4rkpe4DBpFxi7Iso8g27U-Um1vWyeZINQBOgSEsbYgiFkCh6rpN78F8AmDGJDwpPjgcSoiJJFyRD6HPTtDhW3dXGTQMT-16wBnVLWGPAkZqpmtomXW3yi3MSiASWH9AiKqAULPwGgYuMa-lXMF-E8n3YDeqe2N_pPSYLj9MKFx8mtAoWr-yoh-9fHurVYFOTgVj0fKPYWKWPX-TZDjl0k1_tBaM6nbx8xyfV7RYrOmCGW-i9PkFXBM5i8oPG7B8GIXAfhbfM33-cfjZcVTr9fLnAxn14jLJ8WqZQ9ytsg1oQGTtM4RS9vD3YviQhdCXRyL0sS_jSpkoriQPx4RnlkqibVu2KIQ0XwLWPavO0pyKwWF3RhACDf5ShjWWawiTqrofj8C13M294_6nyqh88bQ48gzsOXpdtofPGm2quIHYW4KqCWdzp9NcZ4YJBiy00SvwB1gpPyBkM4rKvTtpGv_HyZ8vuyLgA06Y4cQGeerSe5Z4UJnfcD83aRS1E42Qgc9EMG8umTcqNk2ZVp2W3E4MUkeJUeGhrV80hRNYEQilZfr71xE8wLafKIcP0Xt6ORmkefro5cCKVEy8Ebp0rrvtthTGGyq6LbDbNJZedlzr3F9eZwpBWYyRThmMrgB8sqVcU913BWWS-lzkFD61xfORxCxvEC566zFHV7njEL1ABxflsusX6z7kwYigrcs-OP_p4uycS7E0R8bY4fSZnlexktvvAcG834EvBn3oFO4cY0hCd_olEMqZVkVJUt81PETZojwsHAZHLDvQeM9SwacdJIYxa8qHPBASybPfCO4WTffHK2M1eH-X5lEx89HSm2lp1SwMJG5cyhucMhoHN962m2zTscgw&sai=AMfl-YQDslwnfMIjgAWdk65oWKyxWG33jhJrlnOxT_nUUc9tPZLiJwXn8cp6x8nC-UySpsrbLEpEoDGfDEHsI8Ofyv28r664V6FRA9R4SdedppmaUS7U5dgbuUqe8VCajCuqwOYdwKl2etUehW4CtenP9RxDKaOMVf_pLLpzmjhAy9x-GijTjssBYgXI4OBKKd1pqdN8oeocBeV_usPlANZuPBkdAI--_KLyxuC34r-gQ80arG-mXWUy7xisQ3M5J4CJyp33PW0&sig=Cg0ArKJSzHi9oBn87acJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=202&cisv=r20230906.85196&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:38 GMT
pixel
cm.g.doubleclick.net/ Frame E056
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VUJCQ2t1SlkxUUVpeEE1&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmSIW2cwE9udWbQvO3ImkXDh9j2p1KCZA7JFR8Vp7hY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VUJCQ2t1SlkxUUVpeEE1&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmSIW2cwE9udWbQvO3ImkXDh9j2p1KCZA7JFR8Vp7hYmES1L3loqjDluJP1fVDW8l4Xb2feVvDvyZi16fjXvoajSMITBYJUx-6lZy8Lez7y5zG3HWTxF1Da9OA8VmVkxJDdz6f1H1AF-eYPEeDqc194tNMI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:38 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VUJCQ2t1SlkxUUVpeEE1&google_gid=CAESEJq3BMPLC58pmavWnTWiawc&google_cver=1&google_push=AXcoOmSIW2cwE9udWbQvO3ImkXDh9j2p1KCZA7JFR8Vp7hYmES1L3loqjDluJP1fVDW8l4Xb2feVvDvyZi16fjXvoajSMITBYJUx-6lZy8Lez7y5zG3HWTxF1Da9OA8VmVkxJDdz6f1H1AF-eYPEeDqc194tNMI
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E056
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGE9sjVTKYw4rqSDhpo9y_M&google_cver=1&google_push=AXcoOmSxpn-X1fu0WkELC7j6CFY-PMTzuhjny6NbfcTdvvFz5ewdz3j9eh4suuhTVEqxgRxcyOb_X9C-ZRgN8DXWlMiQ9gdwvcyHMI...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A36F5B97259546F895D5F2E6716D52D9&google_push=AXcoOmSxpn-X1fu0WkELC7j6CFY-PMTzuhjny6NbfcTdvvFz5ewdz3j9eh4suuhTVEqxgRxcyOb_X9C-ZRgN8DX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A36F5B97259546F895D5F2E6716D52D9&google_push=AXcoOmSxpn-X1fu0WkELC7j6CFY-PMTzuhjny6NbfcTdvvFz5ewdz3j9eh4suuhTVEqxgRxcyOb_X9C-ZRgN8DXWlMiQ9gdwvcyHMIeE_FeGpgeOO7SIRBhM-5rcbzzuU7nTkTUBTC4CBgRih28m75uh9PjJzYY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 07 Sep 2023 17:11:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A36F5B97259546F895D5F2E6716D52D9&google_push=AXcoOmSxpn-X1fu0WkELC7j6CFY-PMTzuhjny6NbfcTdvvFz5ewdz3j9eh4suuhTVEqxgRxcyOb_X9C-ZRgN8DXWlMiQ9gdwvcyHMIeE_FeGpgeOO7SIRBhM-5rcbzzuU7nTkTUBTC4CBgRih28m75uh9PjJzYY
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 06 Sep 2023 17:11:38 GMT
google
match.adsrvr.org/track/cmf/ Frame E056 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFNkeretEaFM72T6kmFHi5k&google_cver=1&google_push=AXcoOmRftL-xRzQzM3p7SGRcDVK2F7WfPntzLlcNTYCEiMdntYOmtKS9JdiQmqX3gUiTSKqUNy1pIHPwY1cpuF_2QYQSEwE_AA4FvLolLTLLNM4m0jzO7tDvGtbDcRi469rqPyooI7QRZcIm54uMgH-PwDCjVd4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E056
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEPzRzmWTlkD8U32xWtqVOrQ&google_cver=1&google_push=AXcoOmTDvv1rMBmUjctkl4l0gt5RVACT24AldxgawaRsei5NKJVGB1U5K2CH9YnXRjyvoqVLrnxv-cPvFZN2VrE695iVwQiQ8GI2y...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTDvv1rMBmUjctkl4l0gt5RVACT24AldxgawaRsei5NKJVGB1U5K2CH9YnXRjyvoqVLrnxv-cPvFZN2VrE695iVwQiQ8GI2yw-EvVkkaZ6eFFfNPJWgICpVHN18nQOD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTDvv1rMBmUjctkl4l0gt5RVACT24AldxgawaRsei5NKJVGB1U5K2CH9YnXRjyvoqVLrnxv-cPvFZN2VrE695iVwQiQ8GI2yw-EvVkkaZ6eFFfNPJWgICpVHN18nQODC7SZRYXAxt42_URtxzfPVkqdTRM&google_hm=Q0FFU0VQelJ6bVdUbGtEOFUzMnhXdHFWT3JR
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:38 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTDvv1rMBmUjctkl4l0gt5RVACT24AldxgawaRsei5NKJVGB1U5K2CH9YnXRjyvoqVLrnxv-cPvFZN2VrE695iVwQiQ8GI2yw-EvVkkaZ6eFFfNPJWgICpVHN18nQODC7SZRYXAxt42_URtxzfPVkqdTRM&google_hm=Q0FFU0VQelJ6bVdUbGtEOFUzMnhXdHFWT3JR
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
x.bidswitch.net/ Frame E056 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP60PONKRH4EU3zb9_Tz0U8&google_cver=1&google_push=AXcoOmQDq0doEO6Z88mQoO0H9_0lVWRFISxsikwZkLWNKBD7ZGOWjqnsa3mqYMBdH38JQSxIdywWPHQ_qblIO64Ic-pbYA1Coa8N4HlD_3zSRiCcBSIKtKAwN1W-gJtXgEbE385VvwuYvHFMTJGULYWiGtMau64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.107.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-107-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E056
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECBqtPEY21awCw-LzY4R02E&google_cver=1&google_push=AXcoOmSoitU0Yu68QeWpt9wr0S9C0VHHZs3NgVsqGQhv-Tu4rdyeRVI8E9YH6_5v3eRauqRgyAgYZlGARpGp...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSoitU0Yu68QeWpt9wr0S9C0VHHZs3NgVsqGQhv-Tu4rdyeRVI8E9YH6_5v3eRauqRgyAgYZlGARpGpmOYy7P52AR2GQ9yUcAPD2RbjbSDvb61V-fex...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSoitU0Yu68QeWpt9wr0S9C0VHHZs3NgVsqGQhv-Tu4rdyeRVI8E9YH6_5v3eRauqRgyAgYZlGARpGpmOYy7P52AR2GQ9yUcAPD2RbjbSDvb61V-fex4NmAxMK8SMQCxQ5B4N6B_2gZlmkjEFwv_fmW8X8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSoitU0Yu68QeWpt9wr0S9C0VHHZs3NgVsqGQhv-Tu4rdyeRVI8E9YH6_5v3eRauqRgyAgYZlGARpGpmOYy7P52AR2GQ9yUcAPD2RbjbSDvb61V-fex4NmAxMK8SMQCxQ5B4N6B_2gZlmkjEFwv_fmW8X8
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame E056
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEGHPEkpiXoRpIhSoUzFfqH4&google_cver=1&google_push=AXcoOmQr9OeT4PCjS84kZa-k_55zJ3Slgt8nKS-HW-6wBP958kvXX6sx1TRWKIlWNZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQr9OeT4PCjS84kZa-k_55zJ3Slgt8nKS-HW-6wBP958kvXX6sx1TRWKIlWNZPIT9SS-EKKzuzsGloHLFUFqlh5FIweylf9NxxjmmbToFCKMj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQr9OeT4PCjS84kZa-k_55zJ3Slgt8nKS-HW-6wBP958kvXX6sx1TRWKIlWNZPIT9SS-EKKzuzsGloHLFUFqlh5FIweylf9NxxjmmbToFCKMj-OpFYH_pCgaJFO9WUNm_3B8GrAKT4hXV_g6NWOzqAyXas&google_hm=nhzvAZnaQYafq2jfF8Zqakk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQr9OeT4PCjS84kZa-k_55zJ3Slgt8nKS-HW-6wBP958kvXX6sx1TRWKIlWNZPIT9SS-EKKzuzsGloHLFUFqlh5FIweylf9NxxjmmbToFCKMj-OpFYH_pCgaJFO9WUNm_3B8GrAKT4hXV_g6NWOzqAyXas&google_hm=nhzvAZnaQYafq2jfF8Zqakk
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E056 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JiSd2TsfvXEtUaOsgX6v1TroGaTjGBllJSZ-7rFfDm9IfDJ_JSn45YxnkReTYPnRfOn-nsiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4a.js
static.adsafeprotected.com/ Frame 287E
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1593509/73170905/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014084652&ias_pubId=pub-3216231935713038&ias_chanId=1&ias_placementId=20454105566&bidurl=ht...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Server
2600:9000:223f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
akOqjFMSMxNB2K6FJA8jdyBVXEiL5nl0
content-encoding
gzip
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
date
Tue, 05 Sep 2023 05:34:29 GMT
x-amz-cf-pop
FRA56-P5
age
598156
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
CDOVr__U-hsMEBrElteeb_vfMA-asEp3sCtbPiHdA7ucgTjxReZrTw==

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
server
nginx
x-server-name
app09.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame D17D 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
30332122
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
EuV3sPVGSjKzoJskQdF8ieAcuD5VybyI7FfyUYiRGr680u2tEXx9BQ==
B25653120.299683841;dc_pre=CLf9hKD_mIEDFXHxEQgdJHsJPg;dc_trk_aid=492885808;dc_trk_cid=148451270;ord=2795478777;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1402310.3879431GDN-GOOGLEADS/ Frame D43E
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1402310.3879431GDN-GOOGLEADS/B25653120.299683841;dc_trk_aid=492885808;dc_trk_cid=148451270;ord=2795478777;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=...
  • https://ad.doubleclick.net/ddm/trackimp/N1402310.3879431GDN-GOOGLEADS/B25653120.299683841;dc_pre=CLf9hKD_mIEDFXHxEQgdJHsJPg;dc_trk_aid=492885808;dc_trk_cid=148451270;ord=2795478777;dc_lat=;dc_rdid=...
42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1402310.3879431GDN-GOOGLEADS/B25653120.299683841;dc_pre=CLf9hKD_mIEDFXHxEQgdJHsJPg;dc_trk_aid=492885808;dc_trk_cid=148451270;ord=2795478777;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1402310.3879431GDN-GOOGLEADS/B25653120.299683841;dc_pre=CLf9hKD_mIEDFXHxEQgdJHsJPg;dc_trk_aid=492885808;dc_trk_cid=148451270;ord=2795478777;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9FAC 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6841129e8733680d74b55f09f89cacb81c939c14b4c0e05721b1c55aef9e9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12095
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E8CE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFzfSl7vt2QKigedcgI0a8A&google_cver=1&google_push=AXcoOmRaec_zJ8GXlPYvHQsr6WxLdDWLK64X-6LetnfFWDI5LGyRmBQEIll2r2fdaJ_NRhBLkfbdwdumem6G24lC-Z6OwwKgVtH_DQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAxMTAxMTM1NzIxNzc5MTAyOA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFzfSl7vt2QKigedcgI0a8A&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFzfSl7vt2QKigedcgI0a8A&google_cver=1
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFzfSl7vt2QKigedcgI0a8A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E8CE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT_Ek...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-nfcQCavsBxK9Aflr3nNSc1F41tW1EgguCbSlJg&google_push=AXcoOmT_EkzXY4LUqQYhGDbKPK_2dI09QoH5K5K1iv15heTgl9jJuDGC280ZwZV2kPtVDNhT52AUrzd4zH3S...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-nfcQCavsBxK9Aflr3nNSc1F41tW1EgguCbSlJg&google_push=AXcoOmT_EkzXY4LUqQYhGDbKPK_2dI09QoH5K5K1iv15heTgl9jJuDGC280ZwZV2kPtVDNhT52AUrzd4zH3SAhcYLDa5VmENQdDYxg
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-nfcQCavsBxK9Aflr3nNSc1F41tW1EgguCbSlJg&google_push=AXcoOmT_EkzXY4LUqQYhGDbKPK_2dI09QoH5K5K1iv15heTgl9jJuDGC280ZwZV2kPtVDNhT52AUrzd4zH3SAhcYLDa5VmENQdDYxg
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1052814
content-length
0
expires
Thu, 07 Sep 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame E8CE 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIcYUogx3FHql1E2MTs1bII&google_cver=1&google_push=AXcoOmQOcyyqzaxkVhshkG4DFG5-_YMcEAFaxgrzYSxgeIO_aTSdpQ2kOqcoLtLlTwrolTZTgDNk7VEFHTACH2xDY22vnyTVsXP-
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:38 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame E8CE
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j_t_GGkPQoiuCsbKlG9gxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j_t_GGkPQoiuCsbKlG9gxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSHyiKjuZ_PM9dTEB63A75zAm8MVwBUuemGTQCTPGiha0Fumscfnn45JLLxJXbr5M0QmAjs_pGLbqlfE7N-PiK8OnG1C6jh
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j_t_GGkPQoiuCsbKlG9gxg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSHyiKjuZ_PM9dTEB63A75zAm8MVwBUuemGTQCTPGiha0Fumscfnn45JLLxJXbr5M0QmAjs_pGLbqlfE7N-PiK8OnG1C6jh
date
Thu, 07 Sep 2023 17:11:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E8CE
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOXt3wY_r5hIPCJ4IM928Mo&google_cver=1&google_push=AXcoOmQYlPxP5NVksNLI_O6QOFIvZ_-6td7XNBYCzyBU8CqXx7vD1B3J_BvBE10x04eUW7MosmBcX3FAYjKImO55I...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQYlPxP5NVksNLI_O6QOFIvZ_-6td7XNBYCzyBU8CqXx7vD1B3J_BvBE10x04eUW7MosmBcX3FAYjKImO55Ic-jpdFYjRJu&google_hm=HSEnuGZH5Ev5rjo3QZaafZYs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQYlPxP5NVksNLI_O6QOFIvZ_-6td7XNBYCzyBU8CqXx7vD1B3J_BvBE10x04eUW7MosmBcX3FAYjKImO55Ic-jpdFYjRJu&google_hm=HSEnuGZH5Ev5rjo3QZaafZYs
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 07 Sep 2023 17:11:38 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQYlPxP5NVksNLI_O6QOFIvZ_-6td7XNBYCzyBU8CqXx7vD1B3J_BvBE10x04eUW7MosmBcX3FAYjKImO55Ic-jpdFYjRJu&google_hm=HSEnuGZH5Ev5rjo3QZaafZYs
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E8CE
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEL-LeiQCsPw1fgTKNSH--eM&google_cver=1&google_push=AXcoOmSR3WhEhO9omdpuRHpQoVhCWNhoLaWCalDT-qD0RmAE12MqVR_X9F-nyI0yyiMf4GOT4onHhnAYxM1cfh72Eq5WkmQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSR3WhEhO9omdpuRHpQoVhCWNhoLaWCalDT-qD0RmAE12MqVR_X9F-nyI0yyiMf4GOT4onHhnAYxM1cfh72Eq5WkmQFjpFkmTg&google_hm=OTYyMjY4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSR3WhEhO9omdpuRHpQoVhCWNhoLaWCalDT-qD0RmAE12MqVR_X9F-nyI0yyiMf4GOT4onHhnAYxM1cfh72Eq5WkmQFjpFkmTg&google_hm=OTYyMjY4NTE5OTgxNjM0MzY4
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSR3WhEhO9omdpuRHpQoVhCWNhoLaWCalDT-qD0RmAE12MqVR_X9F-nyI0yyiMf4GOT4onHhnAYxM1cfh72Eq5WkmQFjpFkmTg&google_hm=OTYyMjY4NTE5OTgxNjM0MzY4
Date
Thu, 07 Sep 2023 17:11:39 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E8CE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEDdz1H_Xj95yoDfnEthYJs8&google_cver=1&google_push=AXcoOmRSQHMpV0LlZ4PuKmOO_VjKV3kY28is285dt_D3TZ9gcVaDqBzVYswrCBmYNXwW5EwjI4CFW...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEDdz1H_Xj95yoDfnEthYJs8&google_push=AXcoOmRSQHMpV0LlZ4PuKmOO_VjKV3kY28is285dt_D3TZ9gcVaDqBzVYswrCBmYNXwW5EwjI4CFW...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRSQHMpV0LlZ4PuKmOO_VjKV3kY28is285dt_D3TZ9gcVaDqBzVYswrCBmYNXwW5EwjI4CFWoWBAmpoCWPS06Fl1Yvm3HPnIWs&google_hm=MnhGaWhRejBDR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRSQHMpV0LlZ4PuKmOO_VjKV3kY28is285dt_D3TZ9gcVaDqBzVYswrCBmYNXwW5EwjI4CFWoWBAmpoCWPS06Fl1Yvm3HPnIWs&google_hm=MnhGaWhRejBDRzFWaFhubzdEQXI=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRSQHMpV0LlZ4PuKmOO_VjKV3kY28is285dt_D3TZ9gcVaDqBzVYswrCBmYNXwW5EwjI4CFWoWBAmpoCWPS06Fl1Yvm3HPnIWs&google_hm=MnhGaWhRejBDRzFWaFhubzdEQXI=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
243
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E8CE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9htV7QUX979Bk_5kqd8Unf-RDCVuwCLjFG8cTjK02bmZWkkRtNr8R7ug1Wucj9Dr8dt6N9Yo
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 28DB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F1AA 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2260711041913871990/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2260711041913871990/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Sep 2023 17:11:38 GMT
css2
fonts.googleapis.com/ Frame F1AA 		2 KB
587 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2260711041913871990/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 16:17:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 17:11:38 GMT
avoury-300x250.js
s0.2mdn.net/sadbundle/2260711041913871990/ Frame F1AA 		36 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2260711041913871990/avoury-300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2260711041913871990/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b29d53698ab78c705a7ed36e20dad295447accf246ee8ee1758db8b1d1d8a636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2260711041913871990/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 16:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176215
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6698
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 12:12:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Sep 2024 16:14:43 GMT
dt
dt.adsafeprotected.com/ Frame 287E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1593509&asId=30060e91-5799-1e24-78e0-0a192ba83d3e&tv=%7Bc:nynHp9,pingTime:-3,time:106,type:v,im:%7BpBlk:56%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:33%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:106,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPbZ3Ql+11%7C121%7C1221%7C1311%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1*.1593509-73170905%7C1g11%7C1g12%7C1h1%7C1h2%7C1h3%7C1i%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1l,idMap:1g1*,rmeas:1,rend:0,renddet:svg.us,siq:35%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 287E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1593509&asId=30060e91-5799-1e24-78e0-0a192ba83d3e&tv=%7Bc:nynHpa,pingTime:-6,time:107,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:107,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B100~0%5D,as:%5B100~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPbZ3Ql+11%7C121%7C1221%7C1311%7C14%7C15%7C16%7C17%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1*.1593509-73170905%7C1g11%7C1g12%7C1h1%7C1h2%7C1h3%7C1i%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1l,idMap:1g1*,rmeas:1,rend:0,renddet:svg.us,siq:35%7D&tpiLookup=ao:www.bg3.co*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 8A59 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099497&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697437&bpp=242&bdt=533&idt=481&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=2&ga_vid=1767849163.1694106698&ga_sid=1694106698&ga_hid=1839516674&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2383843399&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076996%2C44800659&oid=2&pvsid=1296597380957355&tmod=424520515&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qxz0hbjm0dap&fsb=1&dtd=493
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2F4F 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ASuUBUTHoXyEatwyEZzkOsoyUftdmCD4wojFENEe-M62xnyfRUqbBIst3XcZ94ehQ_w1Mdt8Walc7rG68otM_KF-1KKpqckSZI1NHdxwB5uN6J_5l1hmLtDiyj6Yt6eZS4u5_NbSUziuog9RrlhYVeuj64nAtLsMQuYat5AjHPu6-3XX0&cry=1&dbm_d=AKAmf-CeWh8TKjYmfHEsn0jjK9W22_nU8AFJ-CP5mf7qmeL6Vu5ek5s8u8EjnzggaIBrrMlEDWA191NosXLF421Oq_dBPihSGiyA0aB3HCR5Y0ttpUaykGrbaCphwoqzIvflx1p9k3svj5if8TSZkPVkbK6LEin0DCja0hW4815I8qS2BzQ2AHOPemyv_SmsNM6YVc5zkSsxCFbUdL7TfrWDdd2uZXFhCAtUMl-PPjVGyL7xOeJrbdRT9a8fNkWVC5M7y-vtNg-OATn6PkrhSEumNulPtKQjfrLmn2Q9N5Gs8wKZ8DG5UUgqOTI2nVT3C5faADHt9rd3FwAeA1Vv_Dqfl8ESFVwri4OiDnkKS3l8DGk44KwUte3NVcCNV--pdV91KfIn65Ee8PxYhdup7FZ64FSIJweRlQ4qN_UnRoHvNV6Bh7IvmcIDTi0e8WMfb9vgwfBlWGS5NBQZmZnYmXe7SqgxP_dklLUEmD5zJN8aKT4rzWV2HGMhUuLNSFOMXMCdcDFsS8pFKoE372Y61Mr9Xe5NrEL1EQvZSZMCEwLWhI2ywosN0ft9G7vIsP8BQcpSlBAS_KWV8IdJvrvjTEKlaT0FTDIakLEJu28mT5kkoFSpF-kpOpk2D0vMW7dU_CC7aqEeKpKl7UdjWv2jxJBT3PPBPjLfP8PJ6DmfyMp2oQhzBmtCsoy6Fs875_5nPWyJDCJb0Ctb3Ira-WfqgskunJD4kOzP_qgSu7O9Z36aaWZog-iMUcNg7Npv-DCCxntdNWd7rRNZtvZO9USuZdMXrEL1p3bLpGzY06FAklRYLpFTDNeCGGxmDYD_Urutm-wIia9VCbGshVF6XdW9NBUBdzQMcWxzYsff9gQZY8ozcxH0yQL5BqPmFWVOHpdJCSCi60RmzNlfk8N-ecHrwK8y6sWVaU7_84674gNquYv3Ypb_07REoLX_o2sCAsFRORfq9iXBnMF7sKSmul2kGdvKEdXaD_qgWqUUi5VBcugI5s8tN8YwfOOMryIX80R_whSNuz6jGBy1bUQqdKYJvGCnd8I7u6lklbfLcXSxymllvNXw7pkf83_iQ2e3Wqe708qz7Nr5ALJQoRki4yUMCOBWsHZ8d_gZpM0QQWBNeYkYQ5DVOPKmOxh31zWHo7w6E3viuj7zfofELxv1VXpBGnwRE1-yw5HTKHgjxc-va2VyqVRtvgrTZktUcpeRqdKi3SQ0bRitsyPY-OZ1Tqvf2OkoxIbaA0u-M2fJLhjmh3SqCWXgGP2T2eYdBl47qoq01fMND75r3GMco7Sli_cB2ZHxJE76D81okOCKowZ1RXR3GMckc4AAvJjpPosoO7GxZQzy0LdZzOu0DBd6Nw2hzlp_W7q6pVdiRJpFZW7l6WEnhgEC4ilguMPfoMUw15PFW5cmrJNY0J3qxCeua5ABLB44g8HmphbK9c0rEUW43yF7UC_WVf-6HktURL-F3As1msHNpFHcZHrvBt4LD14WiU0L3bmMvTKGpbSHqtJrFJZtzUuWRdrXWSYvhjo0gsLScPESKVKB3cvC-5Y2uxTu5S4aPG8JFbK6z-TwyYW8SGfyiwxNdLELUOKg-7u6-fHtGt4gHtuBZPAZtg99UVdTwZz9aILdPOmbK6FQU80koF-ZoVyWrP4wjiGJXe1z9t9TMOcaYCAl-_52x8t5UV4UvvRvzpm1DWm9aG_4wnEnQ-OF2cV-q1C3MojrOwQZB19Bizxl3DYfRirvon_2WR0YTRek1HGry68eUcBTUvDhmGKHdrGop-5yjjqZ67n5YS6oi93rUVwX0gU1oTcDRZS4KmbBktUkqrewtQI9YArWJddxqJn44ylA23rIceg0uCmP_kVN3QaGGvcHctl6xkdUVUyKE7fABYe1jN3ukrlQFPt87FWa1ktsNeS-bCAdHfxH6dUaAuUlOIn4yoxS__s7NsPUujFc6Tse3wj7bFChxVH_99paLVV7QFNtof4GCLUeCC5zbdGDQx5K8Trog0sYHLZUhjhySrquaTAVnMgnNgI5TwQPpTF1XRloz6Abtwb0W5JDCV7hr_40HeBFGbNIQLxbs0KqA_o0TuYjZW1_PO6ldpf1mIUmasPmb--qpGdHVu2LVarpkMBTeeUEOyUNyxttLYNFvzaVe_iZv2CkM_ednDOEERvnwdbM2kx5gLb3Z48vmrjAfb2DxQp4dAJ-6juSDShlvwaW9bKfWe6InEvY-ojIj6GsIN4o7BbrLLvLjVPUXOzqdYO7nannPQIM_r5LFCzDF7pu17RMOR7MWBwyeF3mvkhLHAE123f_zaeRF8EWGEu4oJpkMRUiUUnsjul8r76fgreZ-rZDBN-Jrgi6nxXFNwFAfxKvO7at2_yR0yDFQQ0sSg7BjFY8WFVaNqwWiyc2A-PkxGJrywY_hUKSRsMtrXjR6FB8v3qcT1YXhHTqe2yVcaSBaUKzvDK5vgKsVa4RTPLamg7zu207ugdvEiDPyexnpm7s9JQLNprz-nKEft9IfmBHWhf67SZMFbTOXLe13z_oltU1SkDT2F6W1Ir9JOf0AD3pKUgwigpQEVLo-QU8SarOPSy5MFWt7VfgnXTjkzs-qiyacztbKUFd2_FCs8hkfV4ZzTGvchqBIGalqv-7tmDDWdRBXLtZAvKWip6Mc8y_J0T-i8eVqUmlYLvtvvQNByKykJgmbEd3frl4FGjVLy4MrWOVvYVSUMFB1IlMu9YCbG1sl6ajmX7Xn52xnCYVJ5afCY7MyOZ6_uTIEMQRmB_qJFK2uGob8PZuT17MBfUZPQBmuuxCN4DJcHVXAUYTW2_1GdjLdpPQGQ-Io6qzUhlF7ZJqWgInJm4GL0FOL5R6i0dogjkWdjyFHfdzEBS-yPhAHROnGRYCxucP9ukO-tPtNgHyRUSZU8V6wiZUuix3NrBtV37B_NQ1Bsnf1w3XZH9Qv1XcR4GedZajbE8TNneW5ihVsl5uDt46A8qZ9M0YzCucmngETCboA72wt-EMXDWckv0-43iQmzbB2xKj6X59lq5tkDHygGYMYViHqtMIHA25s5QY7XGsjpjdHjKuBS6WAKPqX7Q3EKW8kva7CalIB9fLXR2xRJhsK0aTj6teVzxslbiB4-qnlkktW4v10jQBhcR0tRYOtvf-GpI6r_7S5HLnrPUFTQQH0ANG8eOgRk2EdNH50VF8bxnMYMVV4V_iDyKE0DvgWEwBlbAxRo0jIbfOV279jJkN_rPu2DL51B8PpUlkeserCbSHmL5BiL4RDCV7UrvNpayvRJcq4ijXvTCx6mrF7ViDuxALW5fVs3WtmfdM479YGv7XpCu93TEbqJQu4ygIgn8RlB6NoCsjrY0l17bbZU18beJXRfc8FROyJvABEz21SvhGvstwM3p5KVB2_Ioi7G07Ko82_bYESD6_ppQRxa-UCwPZk4Kw9zq_ioCde7nqDcTCtjJRsCsFe36rJkiStqwr8diwvimHjYrZWzyU8s9ybgREAO5SK0PBdOlRWbPAEzXqyMGQIk6tBXF2L1xGAOrC80CHD0IAdcIJTueg6yC6RHt1C8Jt1KzCAgbkvLzdyB2Fp6iUS6ks-aDcgerF0vYl45ShAnV24eBzvs9ehLNWQRATTlmZ3rx4508t314W-6WpzH8ckPHi_NZqFvbgpzlzq2A92afTCLnTFGQdP_WzUQGvV-f2DZocEuFnGjiwxV-wtKeGAM7xc2R64pyjGGy3aZg1WypfvICIO1-cHanDA3onW8typh-oM3GE15kV71pXUFteTHCdN55gRO8o7FqibzsAtVvVtyXYZMOjQjB6GXI-pRKicIh3WYT0D1-SYlJGtTWdDmY&cid=CAQSPABpAlJWEB6A81zNbRy3C2usUYSwgSuhW6vxQcsOyc3LHlqKIca0gn5k7VaZ_LIhnu5Cq7OBWQ6qrkSchxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=4840758945494097000&adk=2124396030&idt=97&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
480623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 03:41:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F820 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
383993
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 06:31:45 GMT
expires
Mon, 02 Sep 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B19A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
383993
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 06:31:45 GMT
expires
Mon, 02 Sep 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/4500547324903106522/ Frame A87A 		133 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4500547324903106522/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
47467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23336
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 04:00:31 GMT
expires
Fri, 06 Sep 2024 04:00:31 GMT
last-modified
Fri, 04 Aug 2023 11:28:49 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 287E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvB1GjMr8TDPWZI-IlFWTYf9EWsQHGdossr7iA_Zr47cdrhbY9QopemQdTlHNigEDCeQwjM6MNqTF0KD_3AN6e7X8u9gnL4wJHbZgDaqDVJfNtkHtzSKJ5VkSVP081bFDDv1whKFBSW7NH-fw63vPr1L8lF-x7opzsZ9fcSs8tt_PNfF4L6xEAXjASUvhYO-dGHeilxETGXL92tFBFo_wE1_8m-eBBf_oTnoT-a6vKJDmKJXrgAnh_mq1m9xZutTxRCmqoU11PTFujl38jQVQDoNk4a8JxYeEQdkvbhqLaCxwcI2JXOqWc7Dwx9UtiQMHhEMwfbqUi6m059s7Ch1gfhfiQXHBpO0ti-BFvTWX3-mYAzQzkrGAKUySvkNYNZTJ2owx_dJ_JdbnwUPAsXwkBfAy6GhwgKPrt4wsvxr6RcpXMYQW5cb7ez6zka5dJuEUrjXNCoekYDkKesaTI0obhsKyeMDmzfgTr6dhII1l02VKu_rjy5nwy1FagQI61RQtswEMY4YmxVpziZEA58XirtJTn_xYW7Xf1zuHV4cPZ-ZWlFfQChmWmyTfXSP3B3epvCbyE8RAzljDVPw9IUhbwQOaCQLIcvg4SQ-KgFeQJviz91hA2ChB9aptCc5w0iRd4eoomnMyUNOztU2rCF2ZxZx0vthdkTcrVL8MdVM1EMFiHsk320KICSLW6TZSASSLD0bGrGbbdGXOhQCSgVF9V5E2hWDIEVSaVOvcncZa45Qp5SwiQbUv2nSv9eXGDqmBgbnUT5N_M6AIDjKLTSY047YZxJt5s_Iv2UKErPwDrUva4jGhGvPNAy0KdJZdVY4e1nSQOhlPOnFUo890GKS0LE4YSgTtLpBN3AGp_SUuAX2hdKv9r5SJ8ixwjubUdjWStkp2RUP2wE2ZSFdjaaFNrhckk7U7dr1PCzBSUztXUPmUvUKO8B470IMajN51b9c-2RhfeXPqqJHMzv6aN4kScsWUoF4qB9XaPV9ifUtR8F7PzmT2nk1U_KEh2mzpbh2HS3wmnIyW-KhHDzr7EPG16N01O-EuR34R4JZgT3b51mvYbPNud-ZhR4xVH6S5lEFY40Bs0c1hQoCdiGK2ecZmRLT0qEdXAIgJSvzyU3oQiAPCdv_gzMR36hVz1jNTGAOGjJlsH6YygdIhPdQETagUOro8c_pyTw8O8rpnTRK3IoBYksleJVo17pI37sbeUAchlcN6UrgrW17h-XXlBH2nMo2xjCU5PtS7aDI-hqwMEXtMibakLCF78&sai=AMfl-YS4hSRPXzfk-p1NqfpzoJhVVkIB5TEbyB8yVWF2j4qevv20DC6GToQR2bcRBYnkf8LZ42wiTO7-eC9IhIiash0Oo09OXg5a4H9mwtgG9jBvob1bHrQY0XI9UrWv_wvImeD8YofSqdyqwyYW_uKmp5h0PgZDfSyWHdIWB-AcBhJHRiM_UFm4QVjufe4B6FFfNjyNgeVkxEIE&sig=Cg0ArKJSzI9CMJKcTaVqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=350&cbvp=1&cstd=349&cisv=r20230906.08532&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 07 Sep 2023 17:11:39 GMT
xbvw43wlnz6z
hal9000.redintelligence.net/zone/ Frame B4E7 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/xbvw43wlnz6z?subid=&gdpr=0&gdpr_consent=&rnd=55721&extVar[]=SSP:Index+Exchange&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239502%3Bcrtbwp%3DZPoESQAAAAA19kpNc_cfm-SJ_jc6VWnJTd9OMw%3Bcrtbdata%3DxBfg_STlYgJhKvCouDY6wWMSrAGDkUclh5KFgSjFbN3WcrgwG6P2zTBuS21ffYgDqOTVC03hI_qZZH8nIeIWSPVW82MN7Zs6o5nGqfv2HrVI1fPuTs7DOGro13GqTpuXaTDbwrDTJ7nDM8p81EzY4L0YwHBrJXRBHEyJKBdPm2VdJLbu-J0XsRfnwn8PXSowxHU2WZclDNKQcrRkc6idGpukrpgOrEY1Mxdgt8C1-QE2kI5-7Q1yNlKOWOb-d961LT9NwOdtiFXAh9dL5n6_CR4W-16Be36rBZLwYsja3OLII3PM3OkJpTZ70UK--H0IX6CoDkvzFHymYorq8wYIOtN5avUY3xrh0%3Badfibeg%3D0%3Bcdata%3DrzvlcF2o0stydr60SavkIR_smBbzYPuIm3GBdJALJjTkrr4WFHyz438eiCOZQEdJLpGEV7RiM-evPCrSsv5_L3LLb10zwiQqt37nwxhVSlRdeoz0uNsdh6sRWCNx7bo9F5JJLZII9KzkPlaDTc2TXeFBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%252fa%252ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%3BC%3D1%3Bcpdir%3D
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
105be4f1932f30b7c0ff236030726430a2901f6571727c4175dc6f8dd87cc804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:39 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3355
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
/
track.adform.net/csimpr/ Frame B4E7 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=67239502&csi=bcCRty80Ea9_mvzqwtwO_kJw3GUkeACuWb5ZHblnhJTrygPkIxxfk3UUpTrDtP0IQFErpfLnSXtpiFT5RJKXEGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
dt
dt.adsafeprotected.com/ Frame 287E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1593509&asId=30060e91-5799-1e24-78e0-0a192ba83d3e&tv=%7Bc:nynHpV,pingTime:-2,time:154,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:660,beZ:661,mfA:664,cmA:665,inA:665,inZ:670,prA:671,prZ:687,si:694,poA:695,bl:716,poZ:717,cmZ:717,mfZ:717,loA:767,loZ:769,ltA:813,ltZ:813%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:33%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:154,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:33,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B147~0%5D,as:%5B147~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tPbZ3y1+11%7C121%7C1221%7C1311%7C14%7C15%7C16%7C17%7C181.990511-61634100%7C1811%7C1812%7C1813%7C1814%7C19%7C1a%7C1b%7C1c%7C1d1%7C1d21%7C1d3%7C1e%7C1f%7C1g1*.1593509-73170905%7C1g11%7C1g12%7C1h1%7C1h2%7C1h3%7C1i%7C1j1%7C1j2%7C1j3%7C1k1%7C1k2%7C1k3%7C1l,idMap:1g1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:35,sinceFw:117,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-13873632223024512580&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3038&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697420&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1459&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
wmoiqux43uzw
hal9000.redintelligence.net/zone/ Frame 2F4F 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1694106698075254&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChaURSgT6ZPbLBJuKjuwPuYqewAWm5b2gab2TnKfJD_AuEAEg0syBGmCV4pCCoAfIAQmpAm9vcMeQ8LE-qAMByAObBKoE4AFP0Lsecg3C7GSokSzseGlMmx9yPywlALx9vZjSYgE2fbMBlUNgvKdnV2nE0KfQrbfOfWN7ccL-hlC7T3uJjYJLvSq6pyqECmKOU3zC6IHQoaDmIkjpIZK8a_GbPqzx0BaVCdy8FwjJBeGJ3_gFWtMToq8KTedanI6O3A6cwcLvwybBc-4vTpMkmW-yQSVQizCjbd256dDL_oeYym5mEi1xZLpF6Rqko7EW1Ndy8D6raAB76Sw1yDrfuWd-xFRxARO8PsK1yEqzEwWmrp3dKktUp31Hop0qpEW7yZTu2Se8-8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI9pjNn_-YgQMVG4WDBx05hQdYEAEYASAAEgKAM_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWEB6A81zNbRy3C2usUYSwgSuhW6vxQcsOyc3LHlqKIca0gn5k7VaZ_LIhnu5Cq7OBWQ6qrkSchxgB%26sig%3DAOD64_3qfOeEh35TCa02k-F3Oa7Q53LPnw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C4Q9_kMMnClq8R4XFAPpX3xbmWOPbBJhcXwhscuuvdnobeieRdzLGK1UlCHCoP37O0wvtI76nQGp7375-JTgQB3IJYW2oi3Z1cEmrM3JmuEj9pfAtbCIzbh-bL-ly-7IXyOKL5qsGL9CJU0YMDypzDwCp0Y0r-brGq6J6-YzcVwZKeMDE%26cry%3D1%26dbm_d%3DAKAmf-BkeWij9pJEVXcCAlewD0cO6GTdrz5oimct-oW48BckKETFGYPOV8BUfQLj8vKb-ubeOO9PlDin_msqZqJ147vNPci3Jw9GdWReZHTRegBal_pKM5TrGDBaqkV4k2pTOCVjEY9fN0dDOqioozoBga2UN2go2bj7f4s136_rd9cEcGYgIwX9qZ656tH3reAe3tUQCOHaXJJUV1tzNHotPYPbvi73EebhbZZCo1ohUoY3AQdI8iBCP_cPJEhqeqMhkMpAAfpcyX9EQ076w6A7ffGCPZy-fnsH4ktVD2USK9E3oxNdwzoZu2f1LohEGqNiGCEnjDsZNkfwDRmmN-TIuOLjh-VVA_8ouKgpd7OeyQhWBkldw2hM5ZwYPtATp2DC7351G9YKk8R2ZOyrmzc6qlXUMbI5R7CGJTfNDOgHp7Wv5fdprlCIB7LmSnvQtIxH_9i7AgZF-rZrODdjY6Aqjil98HgjVhFNhOPPumLpUV_TLFihqU13GY-dYhQJHDH0O6TUMUXjPBFVncclTit0YIFYeP6sb5vM2MaJN2vjhQEIqoTiYzhDA_P-E5ihYabQTUO06sKflbQNugJJZcj0NdqrOE1AXFtbjf7InrXya5bBfgT2GgY6BY5PFWrlSu9QIkkC4rPfCKAvwZ9ONaQ6auxOrCcAkg%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f5dafe51d93abc7247e4d5fd7f281f426de9043666ac7ef6135c9ed7555fe69a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:39 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4255
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9FAC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 17:11:39 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame A87A 		32 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4500547324903106522/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4500547324903106522/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 09:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 09:10:23 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E2D1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
383994
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 06:31:45 GMT
expires
Mon, 02 Sep 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F4F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BrdwYSgT6ZOv1L-qWjuwPxJeTiAwAAAAAOAHgBAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 287E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssakbvW68vOwzT6gXsP6rFdLE1qk3o5AxmaOjY775VHSA34Gi14iCxcvh4yfVPc_u-rKvKnVf0ec-fYMX8sjpU50S8rdTFHA0t73NLaF_5wwPJ6fTJGHjlXQ-udEG27OnufeZ6wtwZoTNuYkkNzmMkwZZWRUnlnZxjOSQ&sai=AMfl-YRRWdrQXahhjB0EP7vtZyF516E8Gy3MMxpmx6JkU53x-TwF2vV3I40gYfdGCyDtQUf258J7urvZZJAyOKArm9uZfbl4-1Ju7TIyDQ&sig=Cg0ArKJSzFsIn-jmRKyZEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ThirdParty
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame B4E7 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:06 GMT
request.php
hal900025.redintelligence.net/ Frame B4E7
Redirect Chain
  • https://hal900025.redintelligence.net/request.php?zone=xbvw43wlnz6z&nw=20&renderingType=javascript&namespace=97088387f5&subid=&uid=bb88e033c83a5813&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900025.redintelligence.net/request.php?zone=xbvw43wlnz6z&nw=20&renderingType=javascript&namespace=97088387f5&subid=&uid=bb88e033c83a5813&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request.php?zone=xbvw43wlnz6z&nw=20&renderingType=javascript&namespace=97088387f5&subid=&uid=bb88e033c83a5813&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=SSP%3AIndex%20Exchange&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239502%3Bcrtbwp%3DZPoESQAAAAA19kpNc_cfm-SJ_jc6VWnJTd9OMw%3Bcrtbdata%3DxBfg_STlYgJhKvCouDY6wWMSrAGDkUclh5KFgSjFbN3WcrgwG6P2zTBuS21ffYgDqOTVC03hI_qZZH8nIeIWSPVW82MN7Zs6o5nGqfv2HrVI1fPuTs7DOGro13GqTpuXaTDbwrDTJ7nDM8p81EzY4L0YwHBrJXRBHEyJKBdPm2VdJLbu-J0XsRfnwn8PXSowxHU2WZclDNKQcrRkc6idGpukrpgOrEY1Mxdgt8C1-QE2kI5-7Q1yNlKOWOb-d961LT9NwOdtiFXAh9dL5n6_CR4W-16Be36rBZLwYsja3OLII3PM3OkJpTZ70UK--H0IX6CoDkvzFHymYorq8wYIOtN5avUY3xrh0%3Badfibeg%3D0%3Bcdata%3DrzvlcF2o0stydr60SavkIR_smBbzYPuIm3GBdJALJjTkrr4WFHyz438eiCOZQEdJLpGEV7RiM-evPCrSsv5_L3LLb10zwiQqt37nwxhVSlRdeoz0uNsdh6sRWCNx7bo9F5JJLZII9KzkPlaDTc2TXeFBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%252fa%252ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=2089097642383&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
HTTP/1.1
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
aa4a7d90fead1e316441f139fb5469739e14442d2402119207232dd5bac4ef7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:42 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
63851600140844109150657012440025
Connection
close
Content-Length
330
Expires
Thu, 07 Sep 2023 18:11:42 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:40 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=xbvw43wlnz6z&nw=20&renderingType=javascript&namespace=97088387f5&subid=&uid=bb88e033c83a5813&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=250x250&scrollPos=0x0&extData[]=&extVar[]=SSP%3AIndex%20Exchange&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239502%3Bcrtbwp%3DZPoESQAAAAA19kpNc_cfm-SJ_jc6VWnJTd9OMw%3Bcrtbdata%3DxBfg_STlYgJhKvCouDY6wWMSrAGDkUclh5KFgSjFbN3WcrgwG6P2zTBuS21ffYgDqOTVC03hI_qZZH8nIeIWSPVW82MN7Zs6o5nGqfv2HrVI1fPuTs7DOGro13GqTpuXaTDbwrDTJ7nDM8p81EzY4L0YwHBrJXRBHEyJKBdPm2VdJLbu-J0XsRfnwn8PXSowxHU2WZclDNKQcrRkc6idGpukrpgOrEY1Mxdgt8C1-QE2kI5-7Q1yNlKOWOb-d961LT9NwOdtiFXAh9dL5n6_CR4W-16Be36rBZLwYsja3OLII3PM3OkJpTZ70UK--H0IX6CoDkvzFHymYorq8wYIOtN5avUY3xrh0%3Badfibeg%3D0%3Bcdata%3DrzvlcF2o0stydr60SavkIR_smBbzYPuIm3GBdJALJjTkrr4WFHyz438eiCOZQEdJLpGEV7RiM-evPCrSsv5_L3LLb10zwiQqt37nwxhVSlRdeoz0uNsdh6sRWCNx7bo9F5JJLZII9KzkPlaDTc2TXeFBboVeNKvP0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bg3.co%252fa%252ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ancestorOrigins=https%3A%2F%2Fwww.bg3.co&random=2089097642383&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 07 Sep 2023 18:11:40 +0200
request.php
hal900018.redintelligence.net/ Frame 2F4F
Redirect Chain
  • https://hal900018.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f8100f91b0&subid=&uid=0484ad03fd13cf83&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900018.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f8100f91b0&subid=&uid=0484ad03fd13cf83&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f8100f91b0&subid=&uid=0484ad03fd13cf83&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChaURSgT6ZPbLBJuKjuwPuYqewAWm5b2gab2TnKfJD_AuEAEg0syBGmCV4pCCoAfIAQmpAm9vcMeQ8LE-qAMByAObBKoE4AFP0Lsecg3C7GSokSzseGlMmx9yPywlALx9vZjSYgE2fbMBlUNgvKdnV2nE0KfQrbfOfWN7ccL-hlC7T3uJjYJLvSq6pyqECmKOU3zC6IHQoaDmIkjpIZK8a_GbPqzx0BaVCdy8FwjJBeGJ3_gFWtMToq8KTedanI6O3A6cwcLvwybBc-4vTpMkmW-yQSVQizCjbd256dDL_oeYym5mEi1xZLpF6Rqko7EW1Ndy8D6raAB76Sw1yDrfuWd-xFRxARO8PsK1yEqzEwWmrp3dKktUp31Hop0qpEW7yZTu2Se8-8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI9pjNn_-YgQMVG4WDBx05hQdYEAEYASAAEgKAM_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWEB6A81zNbRy3C2usUYSwgSuhW6vxQcsOyc3LHlqKIca0gn5k7VaZ_LIhnu5Cq7OBWQ6qrkSchxgB%26sig%3DAOD64_3qfOeEh35TCa02k-F3Oa7Q53LPnw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C4Q9_kMMnClq8R4XFAPpX3xbmWOPbBJhcXwhscuuvdnobeieRdzLGK1UlCHCoP37O0wvtI76nQGp7375-JTgQB3IJYW2oi3Z1cEmrM3JmuEj9pfAtbCIzbh-bL-ly-7IXyOKL5qsGL9CJU0YMDypzDwCp0Y0r-brGq6J6-YzcVwZKeMDE%26cry%3D1%26dbm_d%3DAKAmf-BkeWij9pJEVXcCAlewD0cO6GTdrz5oimct-oW48BckKETFGYPOV8BUfQLj8vKb-ubeOO9PlDin_msqZqJ147vNPci3Jw9GdWReZHTRegBal_pKM5TrGDBaqkV4k2pTOCVjEY9fN0dDOqioozoBga2UN2go2bj7f4s136_rd9cEcGYgIwX9qZ656tH3reAe3tUQCOHaXJJUV1tzNHotPYPbvi73EebhbZZCo1ohUoY3AQdI8iBCP_cPJEhqeqMhkMpAAfpcyX9EQ076w6A7ffGCPZy-fnsH4ktVD2USK9E3oxNdwzoZu2f1LohEGqNiGCEnjDsZNkfwDRmmN-TIuOLjh-VVA_8ouKgpd7OeyQhWBkldw2hM5ZwYPtATp2DC7351G9YKk8R2ZOyrmzc6qlXUMbI5R7CGJTfNDOgHp7Wv5fdprlCIB7LmSnvQtIxH_9i7AgZF-rZrODdjY6Aqjil98HgjVhFNhOPPumLpUV_TLFihqU13GY-dYhQJHDH0O6TUMUXjPBFVncclTit0YIFYeP6sb5vM2MaJN2vjhQEIqoTiYzhDA_P-E5ihYabQTUO06sKflbQNugJJZcj0NdqrOE1AXFtbjf7InrXya5bBfgT2GgY6BY5PFWrlSu9QIkkC4rPfCKAvwZ9ONaQ6auxOrCcAkg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=2652709461485&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
HTTP/1.1
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
7f65bf528da6876cac19452b97953da8a48567b405d8eb4f9c335e18c367a78d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:39 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
48322100127159404444994012440018
Connection
close
Content-Length
893
Expires
Thu, 07 Sep 2023 18:11:39 +0200

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:39 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f8100f91b0&subid=&uid=0484ad03fd13cf83&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChaURSgT6ZPbLBJuKjuwPuYqewAWm5b2gab2TnKfJD_AuEAEg0syBGmCV4pCCoAfIAQmpAm9vcMeQ8LE-qAMByAObBKoE4AFP0Lsecg3C7GSokSzseGlMmx9yPywlALx9vZjSYgE2fbMBlUNgvKdnV2nE0KfQrbfOfWN7ccL-hlC7T3uJjYJLvSq6pyqECmKOU3zC6IHQoaDmIkjpIZK8a_GbPqzx0BaVCdy8FwjJBeGJ3_gFWtMToq8KTedanI6O3A6cwcLvwybBc-4vTpMkmW-yQSVQizCjbd256dDL_oeYym5mEi1xZLpF6Rqko7EW1Ndy8D6raAB76Sw1yDrfuWd-xFRxARO8PsK1yEqzEwWmrp3dKktUp31Hop0qpEW7yZTu2Se8-8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI9pjNn_-YgQMVG4WDBx05hQdYEAEYASAAEgKAM_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWEB6A81zNbRy3C2usUYSwgSuhW6vxQcsOyc3LHlqKIca0gn5k7VaZ_LIhnu5Cq7OBWQ6qrkSchxgB%26sig%3DAOD64_3qfOeEh35TCa02k-F3Oa7Q53LPnw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C4Q9_kMMnClq8R4XFAPpX3xbmWOPbBJhcXwhscuuvdnobeieRdzLGK1UlCHCoP37O0wvtI76nQGp7375-JTgQB3IJYW2oi3Z1cEmrM3JmuEj9pfAtbCIzbh-bL-ly-7IXyOKL5qsGL9CJU0YMDypzDwCp0Y0r-brGq6J6-YzcVwZKeMDE%26cry%3D1%26dbm_d%3DAKAmf-BkeWij9pJEVXcCAlewD0cO6GTdrz5oimct-oW48BckKETFGYPOV8BUfQLj8vKb-ubeOO9PlDin_msqZqJ147vNPci3Jw9GdWReZHTRegBal_pKM5TrGDBaqkV4k2pTOCVjEY9fN0dDOqioozoBga2UN2go2bj7f4s136_rd9cEcGYgIwX9qZ656tH3reAe3tUQCOHaXJJUV1tzNHotPYPbvi73EebhbZZCo1ohUoY3AQdI8iBCP_cPJEhqeqMhkMpAAfpcyX9EQ076w6A7ffGCPZy-fnsH4ktVD2USK9E3oxNdwzoZu2f1LohEGqNiGCEnjDsZNkfwDRmmN-TIuOLjh-VVA_8ouKgpd7OeyQhWBkldw2hM5ZwYPtATp2DC7351G9YKk8R2ZOyrmzc6qlXUMbI5R7CGJTfNDOgHp7Wv5fdprlCIB7LmSnvQtIxH_9i7AgZF-rZrODdjY6Aqjil98HgjVhFNhOPPumLpUV_TLFihqU13GY-dYhQJHDH0O6TUMUXjPBFVncclTit0YIFYeP6sb5vM2MaJN2vjhQEIqoTiYzhDA_P-E5ihYabQTUO06sKflbQNugJJZcj0NdqrOE1AXFtbjf7InrXya5bBfgT2GgY6BY5PFWrlSu9QIkkC4rPfCKAvwZ9ONaQ6auxOrCcAkg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=2652709461485&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 07 Sep 2023 18:11:39 +0200
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame F820 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
generate_204
tpc.googlesyndication.com/ Frame 0A32 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?n8PiYA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame B19A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
passback_300x250.js
static.adsafeprotected.com/ Frame 821D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_300x250.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding
gzip
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
date
Fri, 01 Sep 2023 01:25:20 GMT
x-amz-cf-pop
FRA56-P5
age
575180
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:42 GMT
server
AmazonS3
etag
W/"44f0ac540dc9c11f94344414c879b658"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
eyOr2gEzpwxqPqcDEr0hFJmUnAM0jKI54sjKRaavR7EV5xVhOKFtPg==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3432 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:14:14 GMT
expires
Fri, 06 Sep 2024 12:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D03C 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
522fc60f50dcb1d321b948a81e966415421c507db0b625690cf8e4be8bbbccb5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PT-4sjBdMWB0-sPpLr4y0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-PT-4sjBdMWB0-sPpLr4y0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:39 GMT
expires
Thu, 07 Sep 2023 17:11:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
avoury_300x250_atlas_1.png
s0.2mdn.net/sadbundle/2260711041913871990/images/ Frame F1AA 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2260711041913871990/images/avoury_300x250_atlas_1.png
Requested by
Host: b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
URL: https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5844340a0e5610b8eeda4422fa0e570ce36eebd31ebcb230e371b1edd792aac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2260711041913871990/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 16:14:43 GMT
x-content-type-options
nosniff
age
176216
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
172545
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 12:12:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Sep 2024 16:14:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AA46 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCWQYe-lfYwO_jla9aVW8_8ZqAurwmthLszNWsd-wRnojquZZfTpTuE1rbY1b2-PB86vqv33_W4hqYFl90-LndT-_KhLZAhVfbsyyUZmBGehmoTifHnTR4zgc4KkX7yPoLznI-rx75bNdy81IEpRtu3c3aWp92wbs4pkQfiUU61eAT-LpbAP-ULMrDtRh7rm3GSo8d7xXHVC8ga1DIjdbobY1NMokXR782fOeaKfOF9EoH03CVyf1w7b-DX3-8conqtAcd2QOqqM_hBfvsnh7-Mf2oyASejANWhIHhunHwRfBOPhCdiuWopNmqDu6spw328GwAuvCbRboHOsSuGDZj0LFMdV_EonT_xGBN4fqyf3Zyu02s-WCojOnt4ouCVTcCqY-_RbKtvGIQQGSr5knlqeqCDnkTkmYnsjuppBHdpEdwYzjd55z0D5icfNKb_6obpfJBGR1nHcG5Gz-WFkaTHSVafdsGyCN2V_2Db-y4rkpe4DBpFxi7Iso8g27U-Um1vWyeZINQBOgSEsbYgiFkCh6rpN78F8AmDGJDwpPjgcSoiJJFyRD6HPTtDhW3dXGTQMT-16wBnVLWGPAkZqpmtomXW3yi3MSiASWH9AiKqAULPwGgYuMa-lXMF-E8n3YDeqe2N_pPSYLj9MKFx8mtAoWr-yoh-9fHurVYFOTgVj0fKPYWKWPX-TZDjl0k1_tBaM6nbx8xyfV7RYrOmCGW-i9PkFXBM5i8oPG7B8GIXAfhbfM33-cfjZcVTr9fLnAxn14jLJ8WqZQ9ytsg1oQGTtM4RS9vD3YviQhdCXRyL0sS_jSpkoriQPx4RnlkqibVu2KIQ0XwLWPavO0pyKwWF3RhACDf5ShjWWawiTqrofj8C13M294_6nyqh88bQ48gzsOXpdtofPGm2quIHYW4KqCWdzp9NcZ4YJBiy00SvwB1gpPyBkM4rKvTtpGv_HyZ8vuyLgA06Y4cQGeerSe5Z4UJnfcD83aRS1E42Qgc9EMG8umTcqNk2ZVp2W3E4MUkeJUeGhrV80hRNYEQilZfr71xE8wLafKIcP0Xt6ORmkefro5cCKVEy8Ebp0rrvtthTGGyq6LbDbNJZedlzr3F9eZwpBWYyRThmMrgB8sqVcU913BWWS-lzkFD61xfORxCxvEC566zFHV7njEL1ABxflsusX6z7kwYigrcs-OP_p4uycS7E0R8bY4fSZnlexktvvAcG834EvBn3oFO4cY0hCd_olEMqZVkVJUt81PETZojwsHAZHLDvQeM9SwacdJIYxa8qHPBASybPfCO4WTffHK2M1eH-X5lEx89HSm2lp1SwMJG5cyhucMhoHN962m2zTscgw&sai=AMfl-YQDslwnfMIjgAWdk65oWKyxWG33jhJrlnOxT_nUUc9tPZLiJwXn8cp6x8nC-UySpsrbLEpEoDGfDEHsI8Ofyv28r664V6FRA9R4SdedppmaUS7U5dgbuUqe8VCajCuqwOYdwKl2etUehW4CtenP9RxDKaOMVf_pLLpzmjhAy9x-GijTjssBYgXI4OBKKd1pqdN8oeocBeV_usPlANZuPBkdAI--_KLyxuC34r-gQ80arG-mXWUy7xisQ3M5J4CJyp33PW0&sig=Cg0ArKJSzHi9oBn87acJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=591&vt=11&dtpt=385&dett=3&cstd=202&cisv=r20230906.85196&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Sep 2023 17:11:39 GMT
dt
dt.adsafeprotected.com/ Frame 0406 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=fd9b5b4b-6dce-8959-4bfb-431f374fd85b&tv=%7Bc:nynHtX,time:1540,type:e,im:%7BpLoad:969%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1540,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:30,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B1534~0%5D,as:%5B1534~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:360,fm:tPbZ3y1+11%7C121%7C13%7C14%7C15%7C16%7C17%7C181*.990511-61634100%7C1811%7C1812%7C1813%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1g1.1593509-73170905,idMap:181*,rmeas:1,rend:0,renddet:svg.us,siq:31,sis:230%7D&br=c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 821D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date
Mon, 04 Sep 2023 04:59:11 GMT
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
307868
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14233
last-modified
Fri, 18 Feb 2022 23:28:59 GMT
server
AmazonS3
etag
"65a8b98b798ce416d94c2847aca40c71"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
jr7tuNksQFIkEKOmpDtCl0KZ1p6ZMh4dT4HA8cCoUkmRs3F2BoRrdQ==
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame E2D1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 287E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvB1GjMr8TDPWZI-IlFWTYf9EWsQHGdossr7iA_Zr47cdrhbY9QopemQdTlHNigEDCeQwjM6MNqTF0KD_3AN6e7X8u9gnL4wJHbZgDaqDVJfNtkHtzSKJ5VkSVP081bFDDv1whKFBSW7NH-fw63vPr1L8lF-x7opzsZ9fcSs8tt_PNfF4L6xEAXjASUvhYO-dGHeilxETGXL92tFBFo_wE1_8m-eBBf_oTnoT-a6vKJDmKJXrgAnh_mq1m9xZutTxRCmqoU11PTFujl38jQVQDoNk4a8JxYeEQdkvbhqLaCxwcI2JXOqWc7Dwx9UtiQMHhEMwfbqUi6m059s7Ch1gfhfiQXHBpO0ti-BFvTWX3-mYAzQzkrGAKUySvkNYNZTJ2owx_dJ_JdbnwUPAsXwkBfAy6GhwgKPrt4wsvxr6RcpXMYQW5cb7ez6zka5dJuEUrjXNCoekYDkKesaTI0obhsKyeMDmzfgTr6dhII1l02VKu_rjy5nwy1FagQI61RQtswEMY4YmxVpziZEA58XirtJTn_xYW7Xf1zuHV4cPZ-ZWlFfQChmWmyTfXSP3B3epvCbyE8RAzljDVPw9IUhbwQOaCQLIcvg4SQ-KgFeQJviz91hA2ChB9aptCc5w0iRd4eoomnMyUNOztU2rCF2ZxZx0vthdkTcrVL8MdVM1EMFiHsk320KICSLW6TZSASSLD0bGrGbbdGXOhQCSgVF9V5E2hWDIEVSaVOvcncZa45Qp5SwiQbUv2nSv9eXGDqmBgbnUT5N_M6AIDjKLTSY047YZxJt5s_Iv2UKErPwDrUva4jGhGvPNAy0KdJZdVY4e1nSQOhlPOnFUo890GKS0LE4YSgTtLpBN3AGp_SUuAX2hdKv9r5SJ8ixwjubUdjWStkp2RUP2wE2ZSFdjaaFNrhckk7U7dr1PCzBSUztXUPmUvUKO8B470IMajN51b9c-2RhfeXPqqJHMzv6aN4kScsWUoF4qB9XaPV9ifUtR8F7PzmT2nk1U_KEh2mzpbh2HS3wmnIyW-KhHDzr7EPG16N01O-EuR34R4JZgT3b51mvYbPNud-ZhR4xVH6S5lEFY40Bs0c1hQoCdiGK2ecZmRLT0qEdXAIgJSvzyU3oQiAPCdv_gzMR36hVz1jNTGAOGjJlsH6YygdIhPdQETagUOro8c_pyTw8O8rpnTRK3IoBYksleJVo17pI37sbeUAchlcN6UrgrW17h-XXlBH2nMo2xjCU5PtS7aDI-hqwMEXtMibakLCF78&sai=AMfl-YS4hSRPXzfk-p1NqfpzoJhVVkIB5TEbyB8yVWF2j4qevv20DC6GToQR2bcRBYnkf8LZ42wiTO7-eC9IhIiash0Oo09OXg5a4H9mwtgG9jBvob1bHrQY0XI9UrWv_wvImeD8YofSqdyqwyYW_uKmp5h0PgZDfSyWHdIWB-AcBhJHRiM_UFm4QVjufe4B6FFfNjyNgeVkxEIE&sig=Cg0ArKJSzI9CMJKcTaVqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=747&vt=11&dtpt=397&dett=4&cstd=349&cisv=r20230906.08532&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Sep 2023 17:11:39 GMT
dt
dt.adsafeprotected.com/ Frame 287E 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1593509&asId=30060e91-5799-1e24-78e0-0a192ba83d3e&tv=%7Bc:nynHwn,pingTime:-10,time:554,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1694106699403%7C%7Ca78fa532fcb97e4b6cacb47434d509c7%7C%7Caaf8e1c5fa6f2472e971350e5968c28c%7C%7C4f44e1d79c7cc8a61347948e58a4e91d%7C%7C235fe2284eb5c4c71e8252225aafb284%7C%7Cd3ab8abfb57d17e41f6ae531ce63b710%7C%7Ce08f77d753892b58e883e8185c79d6d6%7C%7C8815e8bfa1a8f8679c00264cdf84de8d%7C%7C1663701684,im:%7BpWait:95,pLoad:542%7D%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:770b:e7be:3f6f:3579 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 3432 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D03C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=1296597380957355&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 28DB 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zpqQpQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 063E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoN0_VesAMSpWJUG806h11c_6yDuRPDBJ7af5ecHyrfwKn0eaKXDci00llxMLMbNs1BfsMMUyA6E_98KnDOSSKNvBYbo2_fb1zYFikSA0qJZAElBtXKiIQP5SiRUDM9wUApXs6H4TkmiCP&sai=AMfl-YSHTLtX5BzV7oyuMsB3TNjmQvUylIKmuslj8z627zAp68FfFIuQFb_qKVwH60msp-EBrZXBjVU7W260G6ZVIG9t2lw34v7_OMKKbPgCfH2rcZna8Zw6wG1IDPe0&sig=Cg0ArKJSzJtwq8sJBRjCEAE&cid=CAQSPABpAlJWZH0YjzTLSKfbNrGfkvJFDTFJ7O0liHe3ISI4_ogCZ5sgKq9PLIvg7RY-HXA1byL7D7mEh0j-ChgB&id=lidar2&mcvt=1029&p=1110,436,1200,1164&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694106697900&rpt=499&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CPS_qaD_mIEDFUBMkQUd5rwFmw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927
8019191.fls.doubleclick.net/ Frame 0469
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPS_qaD_mIEDFUBMkQUd5rwFmw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927?
391 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPS_qaD_mIEDFUBMkQUd5rwFmw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927?
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f198.1e100.net
Software
cafe /
Resource Hash
f66e93a21510dc8145b088e7505238f89820a4008839491bb713855ddc46e474
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:39 GMT
expires
Thu, 07 Sep 2023 17:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPS_qaD_mIEDFUBMkQUd5rwFmw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900018.redintelligence.net/ Frame C690 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request_content.php?s=48322100127159404444994012440018&a=c968998d
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f8100f91b0&subid=&uid=0484ad03fd13cf83&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChaURSgT6ZPbLBJuKjuwPuYqewAWm5b2gab2TnKfJD_AuEAEg0syBGmCV4pCCoAfIAQmpAm9vcMeQ8LE-qAMByAObBKoE4AFP0Lsecg3C7GSokSzseGlMmx9yPywlALx9vZjSYgE2fbMBlUNgvKdnV2nE0KfQrbfOfWN7ccL-hlC7T3uJjYJLvSq6pyqECmKOU3zC6IHQoaDmIkjpIZK8a_GbPqzx0BaVCdy8FwjJBeGJ3_gFWtMToq8KTedanI6O3A6cwcLvwybBc-4vTpMkmW-yQSVQizCjbd256dDL_oeYym5mEi1xZLpF6Rqko7EW1Ndy8D6raAB76Sw1yDrfuWd-xFRxARO8PsK1yEqzEwWmrp3dKktUp31Hop0qpEW7yZTu2Se8-8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMI9pjNn_-YgQMVG4WDBx05hQdYEAEYASAAEgKAM_D_BwE%26num%3D1%26cid%3DCAQSPABpAlJWEB6A81zNbRy3C2usUYSwgSuhW6vxQcsOyc3LHlqKIca0gn5k7VaZ_LIhnu5Cq7OBWQ6qrkSchxgB%26sig%3DAOD64_3qfOeEh35TCa02k-F3Oa7Q53LPnw%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-C4Q9_kMMnClq8R4XFAPpX3xbmWOPbBJhcXwhscuuvdnobeieRdzLGK1UlCHCoP37O0wvtI76nQGp7375-JTgQB3IJYW2oi3Z1cEmrM3JmuEj9pfAtbCIzbh-bL-ly-7IXyOKL5qsGL9CJU0YMDypzDwCp0Y0r-brGq6J6-YzcVwZKeMDE%26cry%3D1%26dbm_d%3DAKAmf-BkeWij9pJEVXcCAlewD0cO6GTdrz5oimct-oW48BckKETFGYPOV8BUfQLj8vKb-ubeOO9PlDin_msqZqJ147vNPci3Jw9GdWReZHTRegBal_pKM5TrGDBaqkV4k2pTOCVjEY9fN0dDOqioozoBga2UN2go2bj7f4s136_rd9cEcGYgIwX9qZ656tH3reAe3tUQCOHaXJJUV1tzNHotPYPbvi73EebhbZZCo1ohUoY3AQdI8iBCP_cPJEhqeqMhkMpAAfpcyX9EQ076w6A7ffGCPZy-fnsH4ktVD2USK9E3oxNdwzoZu2f1LohEGqNiGCEnjDsZNkfwDRmmN-TIuOLjh-VVA_8ouKgpd7OeyQhWBkldw2hM5ZwYPtATp2DC7351G9YKk8R2ZOyrmzc6qlXUMbI5R7CGJTfNDOgHp7Wv5fdprlCIB7LmSnvQtIxH_9i7AgZF-rZrODdjY6Aqjil98HgjVhFNhOPPumLpUV_TLFihqU13GY-dYhQJHDH0O6TUMUXjPBFVncclTit0YIFYeP6sb5vM2MaJN2vjhQEIqoTiYzhDA_P-E5ihYabQTUO06sKflbQNugJJZcj0NdqrOE1AXFtbjf7InrXya5bBfgT2GgY6BY5PFWrlSu9QIkkC4rPfCKAvwZ9ONaQ6auxOrCcAkg%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=2652709461485&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
566d598099199f4a6d2df6f0e78c6625d0c3ce3cd68213e129ee46de64445b22

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1412
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Sep 2023 17:11:39 GMT
Expires
Thu, 07 Sep 2023 18:11:39 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame CAB9 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzmIrSgT6ZNjTBoiyx_APiPqlwAsAAAAAOAHgBAI&bg=!n5ylnNPNAAa6D61Rmg87ADQBe5WfOLDNvChnBYB66MZP8M9RFS-Wftz08NA33qQX4OqB3lRaO1LIWPKduDgBw0xr5jR-AgAAAdpSAAAAB2gBB5kDD2ZKxaKGT7_G7dikXMfAHb32cFy66Y9peTiA-1dZw1I-7ZcwQfsIw-xQpGUW2AqUSd66KwTuBAEvxgnbUwXIbLPZKKQ8mKmlisgZNkeJOKzcbA37YpWGmgSv6wVgOzJErZlxWewPCf0lqAu3vyanhJBpFVuDZ7grH76NxsVHJxp9wMpfcSNa4e5aDdkFNB9uufBEwm3ldJTu4f1UBblJpJOa8yyKmlESXgMZjzbONUE3LE7c5JlGr20dZ6XkFhBunS2-l_YGP4Lw1Pnwdbx7f-HmlDp4pFQHCyz8_MDoYoSd7fs4O7lUD-8Z8YNfraRdrf05QiTMWOKDWuWMT_TgKqcEerXIus5iwBB9EjN4sb6ZCLU1o1u98RrKFBDJXzpBigm1VskVQrygvigsDUYoRhKYNfmf-S1hdn92GZEk3JvraDAr7Kq9xhcClJYb_eILXVbeJmKZHVwjAQdpn-yIOIF7FR91K1y4BtouzxqAqfrEDUIOW-xW_5Gmg7YK9Fr8pGP82oKeqPdjyQW0YOv9mG_obx1Xm02enW2eOJxmFCGgiWbcAHZuHMyMhQV-koFbSMrJ8bydtluFyzNUi_gb_Yq1GPGexzj5wDQ6iR_8PWjkK1WxwUybL6I06d5RgonpWHzL_FkYdEGp7f7-k16ZnvSIKNuoGXEattF0H8lxHs0-J2rKeWEl-ZIyhbKU4s73snWqEOPgDMCP7MmcvaiZob4MSLvxttSB1U4kCSkL9uOvHMFIuEU-t5D4uuHvcX7Pc7W-JbFfDfoweFkMibpVach99NdfvRiG1kkrJWknpwG28dEVRY3Ai-lXo9ItLL-012eWhzZxedOLnWIWaZDNBxe7Km_JYyZsvf5HDXMVVEdWo14aJrVmOtCTdek9cvne6I0Qy-AJaSdHM4F0RWWSZUsJghRKQFyT_uEYl6le_ZhE-cJbpgn6jROTEMdcirLnjlRaCeoqLXYhnokMpqssUddrA6TYXIZt1dOUEUNXg5qUB1JqwT64fhV90SEEO1fCZ1ZZ_-R2qAPvyoRPpdxx3Q
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0516 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Fri, 08 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2F4F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6966129146e8cc20ac37653ac2399ac02a408691761b8670bad2ad29f8e4c249

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame C690 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=48322100127159404444994012440018&a=c968998d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.234 Weil am Rhein, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21038.dus4.fastwebserver.de
Software
nginx /
Resource Hash
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:39 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:51 GMT
Server
nginx
ETag
"5b55f217-1348d"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
78989
viewability
hal900018.redintelligence.net/ Frame C690 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=48322100127159404444994012440018&a=85878f9c&vb=m
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=48322100127159404444994012440018&a=c968998d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=48322100127159404444994012440018&a=c968998d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:39 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame C690 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
dc_pre=CPS_qaD_mIEDFUBMkQUd5rwFmw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927
adservice.google.com/ddm/fls/z/ Frame 0469 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPS_qaD_mIEDFUBMkQUd5rwFmw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPS_qaD_mIEDFUBMkQUd5rwFmw;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2701989490486.927?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 0516 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEEieI_aVIquc7i50B1febPE&google_cver=1&google_push=AXcoOmSLLKBUr4_A-nHIoTJ9G-II7QG9nLjWx_KhpEnOzInPAr-RhTBWAxneQb_3Kaa17k13hPj53QZVyq_PyQoKIQGVs2MobmtPPQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSLLKBUr4_A-nHIoTJ9G-II7QG9nLjWx_KhpEnOzInPAr-RhTBWAxneQb_3Kaa17k13hPj53QZVyq_PyQoKIQGVs2MobmtPPQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
803092793e1b3631-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0516
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENJvYlAOZo_OzQmtGT7K6jE&google_cver=1&google_push=AXcoOmR8YlyjrXdFPO2gfHJWGGGnlIo4QAvIoZMy3kAsuS37ufJSoz-h5Hg4Pr9AOy05p11pcWdzrKdrVIZg9O...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjEzMjg2ODE2MTk5Mjg0Nw%3D%3D&google_push=AXcoOmR8YlyjrXdFPO2gfHJWGGGnlIo4QAvIoZMy3kAsuS37ufJSoz-h5Hg4Pr9AOy05p11pcWdzrKdrVIZg9OqAUl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjEzMjg2ODE2MTk5Mjg0Nw%3D%3D&google_push=AXcoOmR8YlyjrXdFPO2gfHJWGGGnlIo4QAvIoZMy3kAsuS37ufJSoz-h5Hg4Pr9AOy05p11pcWdzrKdrVIZg9OqAUlHmF2COYVrhqw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjEzMjg2ODE2MTk5Mjg0Nw%3D%3D&google_push=AXcoOmR8YlyjrXdFPO2gfHJWGGGnlIo4QAvIoZMy3kAsuS37ufJSoz-h5Hg4Pr9AOy05p11pcWdzrKdrVIZg9OqAUlHmF2COYVrhqw
Date
Thu, 07 Sep 2023 17:11:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 0516
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESED234OBNHr2VTfmhtvcZiMs&google_cver=1&google_push=AXcoOmQHT40mOouVictRR_erMWsURcHj-rEbbphkOYV5VbWr5W1fd6FSEBWKD81noLCOH2LWytpfWnuhcoqyBvKU...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JcXvfPKxQnWYOZodedoGQA2&google_push=AXcoOmQHT40mOouVictRR_erMWsURcHj-rEbbphkOYV5VbWr5W1fd6FSEBWKD81noLCOH2LWytpfWnuhcoqyBvKU94LTxY_l8Yp2vQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JcXvfPKxQnWYOZodedoGQA2&google_push=AXcoOmQHT40mOouVictRR_erMWsURcHj-rEbbphkOYV5VbWr5W1fd6FSEBWKD81noLCOH2LWytpfWnuhcoqyBvKU94LTxY_l8Yp2vQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 07 Sep 2023 17:11:39 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JcXvfPKxQnWYOZodedoGQA2&google_push=AXcoOmQHT40mOouVictRR_erMWsURcHj-rEbbphkOYV5VbWr5W1fd6FSEBWKD81noLCOH2LWytpfWnuhcoqyBvKU94LTxY_l8Yp2vQ
x-host
tde-deliveryengine-production-684d5dc7fc-pb2fk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0516
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEH9RU0OJXgLlvausUm0LuU&google_cver=1&google_push=AXcoOmRakTGXSzR6ArxW-LMmjM4YdABEsH8G8jG2iQRZwDsBu94RnCbokPj7a6HjszGaxT6tZwfskhbu...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0MDgwOTc2MzQ3OTEyMTIwMA&google_push=AXcoOmRakTGXSzR6ArxW-LMmjM4YdABEsH8G8jG2iQRZwDsBu94RnCbokPj7a6HjszGaxT6tZwfskh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0MDgwOTc2MzQ3OTEyMTIwMA&google_push=AXcoOmRakTGXSzR6ArxW-LMmjM4YdABEsH8G8jG2iQRZwDsBu94RnCbokPj7a6HjszGaxT6tZwfskhbu1fl1WsQI8gO74blJ2dof3g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0MDgwOTc2MzQ3OTEyMTIwMA&google_push=AXcoOmRakTGXSzR6ArxW-LMmjM4YdABEsH8G8jG2iQRZwDsBu94RnCbokPj7a6HjszGaxT6tZwfskhbu1fl1WsQI8gO74blJ2dof3g
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 0516 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIcYUogx3FHql1E2MTs1bII&google_cver=1&google_push=AXcoOmRMXnin84IblxqRe0JgMP2XANQqMvbNvZvNVk3lQeCzmEWtIAqxdoOO1V1i4nxCZdLIwcWVJ4SXApMnIQcsqcUJleL26QJg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 0516
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFIfpkQRzlAIwx8sw3Y13YY&google_cver=1&google_push=AXcoOmSENsfcVy34cY2f_S2iWYAXbznNlrFZ8e7UcK7zCGENVdXZL0ZVdsTO2R-Z0b3QA1s9WyJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=AXcoOmSENsfcVy34cY2f_S2iWYAXbznNlrFZ8e7UcK7zCGENVdXZL0ZVdsTO2R-Z0b3QA1s9WyJz0UMUZUzFsGk1G6GD1HJZbKby
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=AXcoOmSENsfcVy34cY2f_S2iWYAXbznNlrFZ8e7UcK7zCGENVdXZL0ZVdsTO2R-Z0b3QA1s9WyJz0UMUZUzFsGk1G6GD1HJZbKby
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05RkRYQ1AtNS01RTZZ&google_push=AXcoOmSENsfcVy34cY2f_S2iWYAXbznNlrFZ8e7UcK7zCGENVdXZL0ZVdsTO2R-Z0b3QA1s9WyJz0UMUZUzFsGk1G6GD1HJZbKby
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0516
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEG48BwAY6YMCNdAakddmtXk&google_cver=1&google_push=AXcoOmRcxMJWYy9zZwJoGx-5QSTizPgnYb0rycaSNNLBM3vSpaXSRxvxSPgUVRTJIlolzEipBAoVpXX2-gayOMcx2JZnpe_83l...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NzgzNjYwNzY4NDM1OTMwMzk2Mg%3D%3D&google_push=AXcoOmRcxMJWYy9zZwJoGx-5QSTizPgnYb0rycaSNNLBM3vSpaXSRxvx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NzgzNjYwNzY4NDM1OTMwMzk2Mg%3D%3D&google_push=AXcoOmRcxMJWYy9zZwJoGx-5QSTizPgnYb0rycaSNNLBM3vSpaXSRxvxSPgUVRTJIlolzEipBAoVpXX2-gayOMcx2JZnpe_83lt_bQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3NzgzNjYwNzY4NDM1OTMwMzk2Mg%3D%3D&google_push=AXcoOmRcxMJWYy9zZwJoGx-5QSTizPgnYb0rycaSNNLBM3vSpaXSRxvxSPgUVRTJIlolzEipBAoVpXX2-gayOMcx2JZnpe_83lt_bQ
date
Thu, 07 Sep 2023 17:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 0516 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFkwsA1xl9O36UkhesNJ0KjrISyaUe28wDoxl_BFyE_14ywg-XuvQgSeVI5-1NQGZta46W
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694099498&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694106697452&bpp=394&bdt=537&idt=595&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3Da94b14f92e129a21%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MasN1E31dcxWamDzNf-n6pmJsvPUg&gpic=UID%3D00000c7012aede6c%3AT%3D1694106696%3ART%3D1694106696%3AS%3DALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ&correlator=8386536790320&frm=23&ife=1&pv=1&ga_vid=112586596.1694106698&ga_sid=1694106698&ga_hid=1662006377&ga_fc=0&ga_cid=amp-kaFzOgCJwih38lmzGTyJNg&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2451&biw=1600&bih=1200&isw=336&ish=280&ifk=607467518&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31077221%2C42531705%2C31077641%2C44800659&oid=2&pvsid=792189895965913&tmod=781011633&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e1ksh469a5ih&btvi=1&fsb=1&dtd=607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0406 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9550187039686&version=m202307240101&ct=76&x=1&cor=3968244689812451000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 063E 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3838939496465&version=m202307240101&ct=76&x=1&cor=10294665872422564000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA46 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn0_tlUqoOFXIIGEtp6JbP01gxvyQ71u6iiyJAb4E_DToeebcVD4uvBCQh3Ww0Lfz9v9GBH1txtQS2F0iJoFpHwzDTkBCTkyCGt03EIHxhLYtI4nOBuK4tRMTY4M8tFkQNRS76NLWlZ9sp&sai=AMfl-YTy7Fx2mommWcQvdUG4fz4A0ext8w_g8LpFqZk0RQBe9y1X8oAST3sLMGIBL-C5WrtuSP6v03K8IOf8vs--PmyAiq0WIdChfndk_rtteRPsgvMCEKlcjrpEP3zw&sig=Cg0ArKJSzBETv5Rl-cUwEAE&cid=CAQSPABpAlJW5nYksCHU_PLYtRqd3rb9O9hbxRvfaRVpl4_uQsoIHV2sE7WyDss_9fn14nJxu91B8o0B-sQAqRgB&id=lidar2&mcvt=1015&p=60,320,310,620&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3805778231&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694106698166&rpt=552&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B19A 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bqol3SgT6ZPrVHPKF1PIP0qqVqAoAAAAAOAHgBAI&bg=!QEOlQwzNAAa6D61Rmg87ADQBe5WfOHogfmRj88qZgw5IfARW89erP-iynkwO0QkDM9n0X1b6q9-IFtUWEu0ixiVXhtJKAgAAAbNSAAAABmgBB5kDAS1c6d_Q3bOhTTTWFFD2NFrFn2WQZv5MSNPFzLT-6vUGUDM3c9J0_VRbMd8VDQiAitrqqc-wB-_z6KjQk3LeYNwrQTsYFutoDwNzJ0gtYpplrlR9Y6Hz0THgYFOgFUjUdfOD3BDImr3AYUEL3vkaRu8J8RBLxOlcbR6r3RmRdq5yGiZG2QCIYFtOB67DBv0FU3_7AbElH4L9TFWGq39OST5WIwYty45NdZt0AF31OsWWxbm9Cmm4P3A2n1X7ZeeJy7CqQd0cS2FyXbsP8uIkD6kdPOB5xAZ2uhQ2bKn87d-hQdsttVdhk9b7oCSKLZM6g7nJPJaVqnH81rechxYLN9TCjx7QCvc5S2AJMqd6CdpYBGNwQXnUm65PYiaXgyRrPTyUlVl_ySPy4IYLAwUSaSWSpl374odj5iKCDjdLrvREWgWC-mvCchaS0E8sf88rqbEkEl5GR9KumRWhy_BhaXVwbk8pkJgsx-YTB6QaDlg8LmamRG-zFwpQjKbJ1Z0j_IUcgGqc4OjIQEansVlS5lVPB2EbYpSxx7chQK1DCeVoyhbaaKq9m1BhzLBaast-4Ugv_kP5ucirlfpnhPFysHjjrtDAAtf1TTPXGjeOQ4FiRDXR4Wl6cGC_HBGGuryvCJRvHp1uzLj-J-BommzjQ8ENdT02Cuh6U96VmwaWrhOY9NFDh9H7_ADL5YXLPU1sYLSn95mnkYjGVNTTMLP5o1wqvK8324qZ91tRW0inWEdThrTF9o7Sim0YV8VTWcxgIqPBz2EBzKB8YcexO3-ylUSJgcBDsykXsi6SxZ9ca1SpE9XTLuGYzADNbw47ubR2isU4EyLK6Cs7EM7ojEzbT9iNbid4KRg-MOKz6FUh6g_m7M_HlY0N_3NHnLxNnQmyJTv_4MVESi2YcALxKHiRqPwJmL0a8B87Rjp8jjceyFcGJgdrsunmgndK67IXskaXdHom1A9JA0MYhjChquD5OLg8GY8oJhQ-yWZe6mFue-Ar6rk1yl4kwVAqOLqcMFWhZFU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F820 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-_N7SgT6ZPiwHIKxx_AP7oikuAcAAAAAOAHgBAI&bg=!OzilOHfNAAa6D61Rmg87ADQBe5WfOB_BpSeGGuxN6xZWf-5Nb1csQgXTumAm4cp_WyXYI5RZcAv0UeWVhkwYuFbupsrkAgAAAdlSAAAABWgBB5kDDxkKdz2x3wMpGo_xDU8nqBkEft2bL3iz4yKz0EQjQtx561pl0JPC4zaLT8VMBMGLlnmAuxr49RtgCROr-CuU3E0MR-qy3Ff--hydccLVXCVBMA4qymLijGlI5aM2VNUAquYbTKyhwmWz6ipkYtjIGl4GKiDB-1hYIK53To7xgrKKtLc8Pz7xT1PAWhUm62QIuyNwVAJ7Xg2mOlNswd5YMPoh5r2QO2518NLl3O9t2PlgHp29cuWKLkqxCyYr9D5obWkQfO40EYE523s7-hVpVLZlwZHQQe9O_tr-K9FD9mtnHbP1mkpUWkZ3SYiDfEH9uWXJpIjVgBWjaqQEZLfvIC7wIWAKLW_6SlN0_l0ECXtmvg-7WWkaLbEpAHwWqRZ5ihI79Ne5XIUv4K4CPVzKxq1wLmLBIGhFWyMNhWI7ZkKS2VIk3K44JhQvChUDLN5tZAgRVHsvFmZO-IXIdVrpP1e9vMZaUNBtnPiszV7cPvpBgX2drCQ2EX1xOckpNbvix4Jvp6mVRRhzTmGmFKpou18svb4u0Hms4OiJEXC8hCYAqtuAUk2yo1t-crVb-Oel9YQb1fhNQ8U-99cOZY-eAo5FaanEsaqCg5khNTXPwV2KTXkH8QGV0tRstk4ZKzHbOMBAtWLItGVQsxm_bKHYOLKdFcH23IleWkg-HB1CKv4cCt9m_SpWO6V-KSp3o_g1QtAYNH96VrVD0idzYM18VUEZ59tUfAdY4Xg-kE8h4OzSwwkh-QXvha-HHSQ1X9TI6ZA0R0VGSREzbCv8mFsBmE_sqgywZsazC2GV2xxAlZr7MK7mZLcOTEnZVkVHbAevWcgFFZmCBAaI7wMHZdgM1ANxceNjAPiHGkMquwlWSxY0EUfZRQhGcU5zHDDa2X9PeIDi2YQRt5qqnnxUTc1Mwd2QVI43Uh6fUY7kQE8hR2NjTzLX3DXpZokiCxeOWPHtX1WWyIhWxjX_6ex1XPFjoIPPOgRA8wyiNruAb27emdnAksX9b2Jj7sqJbfGVfshGvjYH9xq5yb2cLhqvlzgFag
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B259 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1b745bde8193b5ff3c09b0f513c084cf90548c701a50491a906abcfe4621956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11664
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 3432 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?XnxWTg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2D1 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrdwYSgT6ZOv1L-qWjuwPxJeTiAwAAAAAOAHgBAI&bg=!6Oul66TNAAa6D61Rmg87ADQBe5WfOO4fLqXlct0Wzf7C6bgrgfS1SXprAsEWlTPApyMyujufkHwoaMnyamyMOnpjey3jAgAAAYVSAAAABWgBBwoAZLrj-BbK0PdIYU_ufuoaoVJsh3QGfV5YHnZq_sdeVOYl_LMMWr6RDrB1WFyNoNpOQYTpZb4yUE8lyP5zPkHvp-3clryUsxDLcn5oMcVRbrStSnTMIbRZsXA2rsODZ53sevUtz3OZAvX0EON5JOeYPYilkDd4ZVzTGjAXOz5klM-uFXiYucY74aGsTc7pNzn-YUz0EwaWLeDL2cHcw1ghhremw9rsJDJI237-o7XFcidBH8gsiMO4vbpXXk5E74sZQ-861YtsqqvD5Eu652m3UeN-0zjBlpDZAYwV0ODE3cXGNaATrLEVNsQEh7M_4hOaRWIXa7H9AKcaDTDIHdGnOTyyHv3Y-YRwEMjtLixyv57oxHF6hnVdRzvh5lfgRqfIwZcE-Xd8yu9YCbzBtd41HTtBSVSKNOCFzbGm8GMngL0iPm6i0jDniGkiCxQtSaIeLUS1E6_wc0XxuD-bSyc7zMosb7y24lOi2NmMKEKdT9hNRCGas9W5l9x2FjYpi3XCFTfMK3MKAunilsM1Agd3V_ms5adNM0TpCfh0pR-2ZeNO9P6e9_iCsfCfEIDtK-9AvmpDbrWSJP42s2fiY06p-mHZcicC1xkzWvjPCcd6Qlrrxmv9LO_HEXyHKsFk8mXUK8lMspg8BvG_NZ5O29oyWDjUZi4NpS6vQjUqSQa9vwxNjejPZqPKLhpefCc-3hgaNl4Hb30nGGFcNwr2dyK88hRiZ81JKqcukJBNIvU8xoU17u1XbqlREseRQmlZzTi2165QopTm50zw49L4QtcBT7OMWcUbNDQkXirDtuisrZJ3oMdfXadPxdtjg7WehrrmBXcjv_zzQNlmXzSnl16fejlP6vJTcYVgorUasgicV359rGSuWsCdMM95TTL8_cok6JT4rjOkXAHdmN9HfMvkHVR8webVnDaZOz6L0fQEwHJ2sGxPnAk8JJ8gyFvWtNd8jHL9c199cBqFK8GFBVl7xQ0qSVFVA_ZN4OGhQaYHBwyyjWeWLzIkBks3BddPa-OK5diIGa2RVk2Tp4lJ75iSKJX9UGM_FmPml1w4iz9Uvux3HQhpLfv7s-hlDMZTZxw6FmAWdq-GC2MjwiFESedzpahAZOKAJOyiJE7Kut6l9D2dQNvHfZO_FY9I-XOA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=4006974417168763&bg=!s7ClsP_NAAa6D61Rmg87ADQBe5WfOA958K6eZzFVeTBL25Z7tKBWjt-Mx6g86Ji5fTCt0wLKvyHJ2_m-U5z1ERSp-qFtAgAAAdlSAAAABmgBB5kCv3WDbfjM3Wckg1FPoxfQdcJQPm6a5Q7dZRb4fgaISf300O4DNJrb3W0moSAwcQ69a8qKoRNRsTEnj0sb95KCzzhvsB7H6mHruXuO3V4pTBCLqvtDnOUJFqwypxoxV_5uKlMVPv_u0u8Zn6prHuveNjVFyKqG4v3FUA90VMlnwOrVujtGT7dG4VrfY3ZzuaDxsoWn-4xCFAny-m8p0FRb6aKmRQNdhVyVxvx4RtKB7DYiDH1lz7gTR1gTDagu0LTn5r7FjOmlm7pspKAm4jmp5PMt22SYi-zR-pKlo2kTtrDppQ4F-zArEdoQ9-3HCaueIYJDeE4Iw44r6cHC9FbWjbcjwFZnmOyiayu9U0C80DGoAgWV-gxv6KirNHgHt8cqgyjjT15JtMFgjtUpxzBq_DQSQ1XZEw7EbwhIfTbTFt2frvOnn9NWSoOis4ZQQ45JKeg90IIWVHfUrPCDN6IQI8lhJ1RQqalC1jZzGizpPNy5KU_8_cZnhaA0Sc1Yhw0R-Fmz9Zp6Fwv1wOx9z6dvEAwDFTOkTcH87_Xc8F7r2_OaS8M00V9Lph4M5Wg3TITjKubUQaGNaUQH7CxvQmyvPq5CMtGoOx4RsEgpaCVAV_XLIKgq3LChOESbN4We8sofGgKvnh4GV8pPvl2IktYw5Id866FlkGYa4gwYY1pwAwoojDBH6LUrO-bmEyFXKVAe-txlJkcNi0dXek_Y5fyirPH0va6N8EON2T6AmJSvIzJ_avxFF6s7jLrTa8xpyLqnM0SL3FbzcUAPfYDjuK3tzXNg42CWlgPtPvOior47KdZA7hoNYrDst8M-QqJ9-WbersUY_jkDuysK7Zc7ythNJwPzwQgTpjTjgt586rqNTWRklaKQpFCq5-OO5giMmXvtUQc3u1eokbzs-8yspuGxcY314w29Ykir031P4kLEYNQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 08 Sep 2023 17:11:39 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B259 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 17:11:39 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 08 Sep 2023 17:11:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 457B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:14:14 GMT
expires
Fri, 06 Sep 2024 12:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C42B 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
179ee6dfd0a200d378839d2f991cb38eb71675e2024d8f59717b0d72b2bd5c0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-98thl2hVgZxVDE5XArCd8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-98thl2hVgZxVDE5XArCd8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:39 GMT
expires
Thu, 07 Sep 2023 17:11:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame D43E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm1YM6z8CyTv-KAjIng2ogIJaKEWi9M3kSzIWyYY3l4IAb0988vBkx7EkLMowMaAA8xhWtTlWmdZQVzEoWYRpXuJHzF3nbjYUtAQNQxxy5tUl_r9bYWXLRyT4fksHdDp-tJOsam1PId6mx&sai=AMfl-YSN6Vj7ICXoWXhWMDVKkXHCCA29LknNFTVpAKCBg2Tu76cNQ8IASBCU_b629zUxky9g6c8RAgr-6eY0-WJ6w2H_00g6FE4wdKhGpSP7rdhfCeQ3MP9UiYyNmhWy&sig=Cg0ArKJSzP2r3NBNUK13EAE&cid=CAQSPABpAlJWd-JDbLJ_0HskByPc1bdobulP8whnOJluodjSTGoaDEMAXwH3HfJLkKFoIhifiFYFsQXeGtovTBgB&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694106697931&rpt=991&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 457B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C42B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=792189895965913&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 457B 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QLShYQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C5BB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240102&jk=343052364237571&bg=!e3ileDfNAAa6D61Rmg87ADQBe5WfOMFTZBmtx-oIUVhOGzlSL-e3VEuPcty19p4M7P3sW5MU6-FylVzjre-GcbYW6UC2AgAAAhpSAAAABWgBB5kC0Ig1HXDJiw5El6XZ54cJWIy6MHm5-Gk5Qjv3OTWQ4gGqawl9sKpwYlc1aSNqhXuDZ0SkGnASm43Hlyat6dyJfsHRO385e-SzrCiifq3yULF7n6x7HuRsPX23O4EucZn4ND5MTl63HO582lIxkgt_pMGHOX44nzwFiuJF-AxSw6gjkaIlusKDgq54N5pskgi_8LgDEaAtyW4alsWO6vhdsIK2nD8bIs9raYKOtKvcI-IWmZIcoERO7R5CLCeHTXD1XTg2uC05uvvcTy4CoM68y_ueLUbHMNTS5fCsdGbqD61ZlB4IY7Fw0jpUg_xJkzwQodD3Lna7Q8feXXg2wAbzp-2XviXp8FvgvtRj4B4CD_dclZqZy0m9mCY0QxVtSlH0IgLxgM61yFblWAiSoV3e4VFzSR3z8vOTxJuuWERg1xxItqcovutGXPCkmPmUVG5owPKrFisYDQnO_QZvY3JPsHfSJ-RaTNqRUQkA4rYkYV2EJkGS_JqxVmwzOq7c0XTU2Zkb0K9zHOjA_mtTJZXM6JvvFWHdssMTVHJalFAIYWR6Hzxp-IWWIjOHt-S0Rol0YiqT90H4-7l8AkoueP_4E6Us0qnbAnLmBhh-hqcJPjcDtB3lUsnZMBa_65hUECdWNlZyuBYhR42shMtQyG-I7Z6rV2gUl5gyb9_9yEgXPp-0OIpNHB-8Sgrn6FW5TQhhUD8aISFtp_wx1AWwQAXgl3kj5d4yeDWHOXeKFupJO6qXofH78hI56Ngae3QCHtIu7Sl9SWA5xdvfWYwpz9BTSqBfuJQdPpVmSDsrL2AXX4k3pgIoLoIpfpr0cijYCIj5lnozQQ1LsgANF2TaKFiUQgjrSEQ6YmQrFlLHoCXmhx8bklx9ptcdsFVxblY7HI05tzQy0WWv6NUkz8mWtdiwe9UGDQVquZR3YSrqoXLs322dJnND2ceXQBhF5LhMMjcpXg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
951 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694106700168&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1548&pt=1828576559&tz=120&viewable=true&ddast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufrlt_vA!ul143917-543_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9ceff04778a5b667890b001652158c773315f21b60ca28e73f257637f6667710

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 07 Sep 2023 17:11:40 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1447
x-cache
MISS
x-served-by
cache-fra-eddf8230090-FRA
pragma
no-cache
server
nginx
x-timer
S1694106700.167328,VS0,VE47
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA46 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8164968498124&version=m202307240101&ct=119&x=1&cor=4725914183025405000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9FAC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=1296597380957355&bg=!dXaldjnNAAa6D61Rmg87ADQBe5WfON9D5t_pFoCgLYdt1v8jm-5XvgJvc27NA-yVYoonk6CCAL4sgZOmbR83xqMXtY3AAgAAAOxSAAAAB2gBBwoADvHRpSPT4QAW8IolOhlVmQLP9bbD5Ammsm3UZbg3E1Z8GOM4cnb0rGC5dejfhzv6sFBmfmX3rc04_ZX000IWurUH8xCF75nra4VPSH4dLEUECXDQ4PYjqSaZXUZ3fE7UFbIMrem-rDZszrdutbs3pGlfd0eQNSQffIdAtQetD17bnz3pgyjpkadSlJCtHh5lyXMRiri6Hoa4YD1r_-ADXxnH1e98ACIgUiGjmU5NGyYdmdVoLHV3fcuAjaNP0YmpMJvGvP9NBATPZAMUTYK2IpJwya4L-WOw8COY3zwcvTK5iRvrWJiJcZzqqVKaTShi3FqgAQh18cFEmPdToTPgcL_eHFItsX9qzFJJISgsrxmscCj1aPLvhnZPPRfFwN2QEfIpyh62iYlHoLs5zudhsKDitEEF0FHptA8Oqhu4zzPOPskK1n08ES9l92fY80XmKdSlSl-Ew8NPh6rCS9sDR2otA3eb1uUSGWkTbK-t0lcffTU0SqAZoiPgv4DcF0VtgqZynDPCgfRe0zFTKm5K3QDZrJCj9U1st-4NZA1FPDyc4MlI5HBwGj3DsL-0DPi_7aYFoVsddFhW2lD0dtlHaWgL1SBPLrPGeJIwwqOdSwbt2AY70fzDH2qC-ou2ey48sRIyXXhNPsybUOoGpcS_CHzXzcD9qBtiukonySbxsFtnzvmB-7xu5Cbta2OQGl2p7LSaaHQ_8f13CUULOrS0bnTuKviX_PvsyV7rxbOz62p45fX5JVXFox-43e2hMiE-5tWGa6EU2hLhrvu2j5W_HzuHJDNJ7I4WdqKk3ssG75ru6_GTIT57irGN74YaFnv4scipvDq2AEJvIDWUMPC7K2V5fJd5aM5adVMXG-eIWD3iLUtj4PMoEB1Ra98146IxxaB-KEPz-Qm3bwL4RvrRe_RaYFi3DPSnQdQ0rErNZj73zZRqqo5TcACb-5jr_5m4kzxh69vG8aF0WX3BIyvVbGo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 287E 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5341324531795&version=m202307240101&ct=76&x=1&cor=16276339330048705000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 07 Sep 2023 17:11:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
192893
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
239310
expires
0
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
51032fd4a6ac2f2aa56e9d8f72b21ac8f896d4ddec61e3f63c5187378ff5dd8f

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 07 Oct 2023 17:11:40 GMT
/
csync.smilewanted.com/ Frame 8960 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8030927e3d1e9177-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:11:40 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 54CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1694106697037
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame FD0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 07 Sep 2023 17:11:39 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
pd
adpushup-d.openx.net/w/1.0/ Frame 892C 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 07 Sep 2023 17:11:40 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 37E2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38173
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 07 Sep 2023 17:11:40 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3448, 241681
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230077-FRA
X-Timer
S1694106701.530920,VS0,VE0
sync.html
public.servenobid.com/ Frame 86CA 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-50.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30299
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 07 Sep 2023 08:46:42 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-id
ORXXzbdnxhIrTUbJLoMa7gqu5GcjangpZ9cejpI0mKW-zIO5GorOxg==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame 4127 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
710
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8030927e4ebf3aa2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:11:40 GMT
expires
Thu, 07 Sep 2023 21:11:40 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 0DA8 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 07 Sep 2023 17:11:40 GMT
checksync.php
contextual.media.net/ Frame 01B6 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a042db05b3deb9bc8f9219d7789eab00b3abb930f5a9baeb5901da6a8619a4bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8472
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:11:40 GMT
expires
Sat, 09 Sep 2023 17:11:40 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame FE8E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 17:11:40 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame FE8E 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 15:55:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81821
Connection
keep-alive
Content-Length
10233
Expires
Fri, 08 Sep 2023 15:55:21 GMT
async_usersync
ib.adnxs.com/ Frame 37E2 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
an-x-request-uuid
4639c419-b23d-4379-bef6-5a63bda28c1a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.73; 45.141.152.73; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 4761 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.185.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-185-58.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a64482145bf7ab93c29701986fd459fadb68b9455864f8c0f957e83242b21866

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 07 Sep 2023 17:11:40 GMT
etag
W/"03448e06ccb15ea6cff7c7d28168e59eb"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 3B06 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame B50F 		797 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
b935a1bcc81b5e7d8c7de5c7a4bcc2a5cc241b6fdcf5bf95e24e93bf30744175

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
797
content-type
text/html
date
Thu, 07 Sep 2023 17:11:39 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 97C3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87a898d8c1f92c2cb35077e7fb654db1fb87b59693a9fb36dd569bde357c1503

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8030927ebfd8921d-FRA
content-encoding
br
content-type
text/html
date
Thu, 07 Sep 2023 17:11:40 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HiuqSSoWRrAt9AcQ3JfnZ9Y2kPP8DCotXj0aNvlgtVwcPbRvAk%2FwRWLaMHY2%2BZWpOAX1oP6%2BdbH6zbsl6ErLIiz1N%2B3uDEQybufUoJpcWF%2Fh8xFomqaAYOLoSdT0OunqiGnqVcEkLGMThw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 2EF7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 17:11:40 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Sep 2023 17:11:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A5AC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=42198
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 07 Sep 2023 17:11:40 GMT
expires
Fri, 08 Sep 2023 04:54:58 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 3F36 		0
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:f800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Thu, 07 Sep 2023 17:11:40 GMT
server
istio-envoy
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-id
zejA-ITSncsUh5NrmeplLk5dCchv-pbVRYrZk7RzjETcFrrJVm0FDg==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame EDF6 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Thu, 07 Sep 2023 17:11:40 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 64A4 		0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Thu, 07 Sep 2023 17:11:40 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 86CA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3760900185025154561
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3760900185025154561
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
an-x-request-uuid
34ea187d-5d01-46c2-8843-b4e368431622
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=3760900185025154561
x-proxy-origin
45.141.152.73; 45.141.152.73; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 86CA
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=HSEnuGZH5Ev5rjo3QZaafZYs
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HSEnuGZH5Ev5rjo3QZaafZYs
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:40 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HSEnuGZH5Ev5rjo3QZaafZYs
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 86CA 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 07 Sep 2023 17:11:40 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 86CA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=8005323317
  • https://sync.1rx.io/usersync/turn/9011011357217791028?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-81148098-47fc-4c20-a971-cefde0d48ca4-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-81148098-47fc-4c20-a971-cefde0d48ca4-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-81148098-47fc-4c20-a971-cefde0d48ca4-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-81148098-47fc-4c20-a971-cefde0d48ca4-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-81148098-47fc-4c20-a971-cefde0d48ca4-003
date
Thu, 07 Sep 2023 17:11:40 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX8114809847fc4c20a971cefde0d48ca4003
content-type
text/html
sync
ads.servenobid.com/ Frame 86CA
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=962268519981634368
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=962268519981634368
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=962268519981634368
Date
Thu, 07 Sep 2023 17:11:40 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 86CA 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-76
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 86CA
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
occ
ups.analytics.yahoo.com/ups/58559/ Frame 86CA 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58559/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 86CA
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-5309c935-8e7d-3528-a4b8-aafd908258c3
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-5309c935-8e7d-3528-a4b8-aafd908258c3
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-5309c935-8e7d-3528-a4b8-aafd908258c3
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame 86CA 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58632/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 86CA 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.133.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
sync
ads.servenobid.com/ Frame 86CA
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:41 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 07 Sep 2023 17:11:41 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 07 Sep 2023 17:11:41 GMT
pbs.gif
sync.admanmedia.com/ Frame 86CA 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:41 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 8960 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
533887
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8030927ece449177-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1FA5 		2 KB
917 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
080bebf7a7e645087e20d9dab93ad1b197c4f7429da425f6c9ead87743775dfa

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8030927ecfe5921d-FRA
content-encoding
br
content-type
text/html
date
Thu, 07 Sep 2023 17:11:40 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOPJ8XKv7P%2BpywzhsDVRphol3diAI0uFrVvQiC2PL3QHJFSKUtI5%2FYg0N38myyBl40b3T4IR21QF%2B5U0tD%2BLaZo7NfJrQzlnAmuxlJ881S6ecjSt8QtRarEDFUZINf5nPiBAhBWMhCmcaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame B259 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=792189895965913&bg=!p6SlpOvNAAa6D61Rmg87ADQBe5WfOO_LmKevLrlflsg1a6mQh4x75ReBY5Kg71m8pakZRkMtgu5F2nBVaTtCE-dEA6jVAgAAAF5SAAAAB2gBBwoAfD7D6xkSMkPICRIdvfbgGn1EBXjcdiroY10YqCzFxxb5xaF5ByxygUZiYM9qKqvolt8qFkyGKSPsGNNMm0SpKYoKGYvsc48ob7FFmlGPQWNE5glHK53WEMuMWGJKPBkogtAOQ7diUSYoMpCfNL0OB_us2dOYAChIka3r7ouZArwACxMwB-CN2gS1Ou03oOfdmHf802XdUrigmIOBftkyca20NcPCgWSuT9Mao64b4Ph0hOyYV2CNfovqqnbAIHtOglFchiD9C3q6pzIYgwcPcdar2G9Ra42kQRNkCYLKD-7xpUb32giFzlgmmr7x1G067ikTDcpZvmsFoGAMj_c4NOYNoLW1ND3wr25axU7MVXTcbCq8vERga3jrXUUCdYPLIyYMRcZ1egXm-akDKmSd9y2XWsOMzZmlyVpG5HSvS23p_BndasvnXm3kRELhEu5cKiHKLhhojSbMLsLouOKeq6u4IOwNGEbXy1mG1MeIhCRQxLOMQ0g3vaMEwwF-VE9_m7tHNVYtAfUGSvFGHLD9r4criOxnGTjVlNdylb4vy-Z13mQ6u6bHfx6SM9tehbc4iBqmvk0aS_XttAmZU0dfRJTBGx08ajE6dItCMTtN_nettBVK9h5hxyGHo8g3GopJKQ9purdFNE81qrpZugQpvJF37vRUVoTXZQH-IjVDceGKNPsuoLEu3Z8IghkPceQS05s65OsUp_1Xjbvu7HdcTpUB3M7979PiqJn_mHPPPCN-oZSaQ0gI0LQxRAU9DYoM0OUa01alNY-IhT9Y-GeGwTSSsCbiPXX1NwpzoVhQYaeCIyljm5fcithjsLBxYWTtxiKFR0i9Hsknis2_LjYrrcSc_krNU_6zFqkMezuZ9ftuZvWmDwVYJ1Kt4pPDJuz08c13j4fqoC6sbIR302OLJ67d6Uui6FFFiWS66Ny8sETDjAF0g48uINjt57qlmZm3ST3IE3hx4AyjxkSVwFANXDaK3MSxZBf-74RjQSvQSZWvB8tX_tFWgS7WBueM3g00M8TLMEriX6mahkDAYrxoY0Hg9RxXCiki-DDT7cj_yaJCr8isERG31KEoIntxs0xVrAu9k6P-QrpL-Eq6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
casale
match.adsrvr.org/track/cmf/ Frame 97C3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 97C3 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPoESROoojD1qnDOJ6gotAAAFA4AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:40 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FN1X2CMYQX6E5Y134WMM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 97C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPoESROoojD1qnDOJ6gotAAAFA4AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGowr6UclTbJokQlEGZvWuE&google_cver=1
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGowr6UclTbJokQlEGZvWuE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlXbKNCPB4smoszjT4EkkUFNfk6OpzwFmAOc3s45p8TpAHdm4mCTvQxKfSpJ4nFM5U0B0rJVbucAL%2FwXcrqp77sYX0wqYGJoDQUFQAGHWttvLxeb07lVSRNjeHkESURaSR8NGJV2Sductg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8030927f1b2c373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEGowr6UclTbJokQlEGZvWuE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 97C3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3760900185025154561
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3760900185025154561
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYNaLwkh3lWZzFbxVEGOLieac9AkakKVYgyVO%2BAX58InJeEtvkNvCKJRi6rUvDYBAsmKQbu1ZUBUc5%2FNDH4dOXGEDFOX0RZvf7KvduIZa9WoJ8Ao0UD24HYmbMqaGHm5toE2WjsgymuQ7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8030927f1b29373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
an-x-request-uuid
aba017d6-ad62-4639-9a57-a59568a42862
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3760900185025154561
x-proxy-origin
45.141.152.73; 45.141.152.73; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 97C3 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPoESROoojD1qnDOJ6gotAAAFA4AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 97C3
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yug3uczoZeHR7jO5xOx86M7pYrzR7jK7me_bicyY
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yug3uczoZeHR7jO5xOx86M7pYrzR7jK7me_bicyY
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIiaGWeqRUXATBnd64Wzh6Sq2%2FXyjyyaffOat1lOKRPN3tPxH2QXQubbMxg2eNHymh217i0gqAnbvOAf6nLq75Ghw3377MlmynHOKRtp4Mlg6%2F3wO4H8GbzFYvTybBoEblZw7mILqsU%2BJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8030927f1b27373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=yug3uczoZeHR7jO5xOx86M7pYrzR7jK7me_bicyY
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum.casalemedia.com/ Frame 97C3
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1694193100
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1694193100
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1C2ymoX2DN5AZ7eDt0SEB3C%2BMMGHrbbZrqsJESJTxVSHgAq%2FfJ5bylXUH2RPOIzXGFY610QdPMsSm6wvSwE7vxUc9lfgszlSK2Tm7W6MtbckdxpYTnS3sGww4cdfeKN7aIM4373V"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8030927f486c921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1694193100
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
ix
ad4m.at/ad/sim/ Frame 97C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame 97C3 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZPoESROoojD1qnDOJ6gotAAAFA4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 2EF7 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 15:55:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81821
Connection
keep-alive
Content-Length
10233
Expires
Fri, 08 Sep 2023 15:55:21 GMT
ZPoESROoojD1qnDOJ6gotAAAFA4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1FA5 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPoESROoojD1qnDOJ6gotAAAFA4AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:260b:940e:5542:581f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 1FA5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAqfE7J9AkAADR3_pnOSA&expiration=1695316300
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAqfE7J9AkAADR3_pnOSA&expiration=1695316300
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zatIJKb7TawRNV6RIjI%2FnodStobCZcmJU%2FCZet%2BIPctlJ6HIKH9anBWoJxRvuWDs%2Fx24FFBe8rNNfVzugSZOH8zu%2B%2BEPxCRpBWOJHGSxH1Ox6S0BOLLOjh1RdIcebxBJsWPkqPmRA5ym8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80309280fd86373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAqfE7J9AkAADR3_pnOSA&expiration=1695316300
Date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
user-registering
ads.stickyadstv.com/ Frame 1FA5 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPoESROoojD1qnDOJ6gotAAAFA4AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-131-87.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:40 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1694106700691058-539
Expires
Thu, 07 Sep 2023 17:11:40 GMT
rum
dsum-sec.casalemedia.com/ Frame 1FA5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZPoETAALUuW3QABV
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPoETAALUuW3QABV&_test=ZPoETAALUuW3QABV
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPoETAALUuW3QABV&_test=ZPoETAALUuW3QABV
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnOTSkX%2FJxhP5NaUY6K7NOy6RpZd81GpQHxf37GNJm2nK9546cRQAI1NID0045A34mf7sTr0ybMiDtZ2LjYT5N1CU%2BKtFw0qd5yekHLz3zjg8ErHh84ZCjsdIXyO9gMuYzUOAONraTRT2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80309280ed78373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230044-FRA
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1694106701.892757,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPoETAALUuW3QABV&_test=ZPoETAALUuW3QABV
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 1FA5
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=db7cc971-93d1-4a17-a6b0-85c622bcd599&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=db7cc971-93d1-4a17-a6b0-85c622bcd599&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sq07w0sLUupgp14fDK5I7giL9xrn10iw1AjjsGA4UmN%2BqLQIswBXonl2FVnIv16E%2FYFIABjRLqCCZH9U7VTsgt%2Bd881Gnuw75gmN3opFR%2BZvJAZ7IpdGSPRpm1oGuDQaGPYsMPHRQPAJcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
8030927f6b8c373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=db7cc971-93d1-4a17-a6b0-85c622bcd599&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Thu, 07 Sep 2023 17:11:40 GMT
server
_
content-length
0
tp_out
d.adroll.com/cm/index/ Frame 1FA5 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:c52:5f4:1529:4d3a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum.casalemedia.com/ Frame 1FA5
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1694193100
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1694193100
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKLBaUj3UvoloE8Zyco9PBrMe8eEEKYxZZuyL5OZh5HNv%2B1gOo0HuX3%2BOfTfBE81K21gM67dpqmFJcz1xnzGd2zktSobWQOMSHyOBxzYge6UjRG57Cbx9vXSM%2BJrJgxUFJwUwBTM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8030927f4868921d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1694193100
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 1FA5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3760900185025154561
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3760900185025154561
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lr0AXC80FbbznfyuwGM1fVYBZHwZvXAAFAz89KZ9pOEu7qtR13xBuEoU9y4uSpa0Ja%2F4n74xanRXt%2BSO2Wi5yfct%2FqPsfPOwu0QfZ%2BxPqx3wA8rRsH1YW%2BSnG%2FQZ5GLlhjoOkylSqofakw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8030927f1b2a373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
an-x-request-uuid
8790fe9f-bb1a-4195-ba3e-afd4f09b4c4e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3760900185025154561
x-proxy-origin
45.141.152.73; 45.141.152.73; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1FA5 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPoESROoojD1qnDOJ6gotAAA%265134
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
81149
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8030927f0fca3aa2-FRA
content-length
43
expires
Fri, 08 Sep 2023 17:11:40 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 5E1A 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8030927f0eb39177-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:11:40 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9DBA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 2EF7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LM9FDXCP-5-5E6Y
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame A5AC 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68735772&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
320604491a1d36d05bd41cf7cfce3784112302a9d6f0b5b628b47cf42a3fc510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:11:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 8EE5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:39 GMT
expires
Thu, 07 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
766121
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1DCE 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Sep 2023 17:11:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EB7Q50MKSRQVSN1D4ZZC
Pug
image2.pubmatic.com/AdServer/ Frame E67D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=M8dNWjXHHwIowUlaPcMGCzfGGF8owUhYYMAFyHHA
42 B
572 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=M8dNWjXHHwIowUlaPcMGCzfGGF8owUhYYMAFyHHA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 07 Sep 2023 17:11:40 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=M8dNWjXHHwIowUlaPcMGCzfGGF8owUhYYMAFyHHA
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
sync
ads.servenobid.com/ Frame 657A 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 17:11:40 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A5AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j_t_GGkPQoiuCsbKlG9gxg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=42198
accept-ranges
bytes
content-length
5606
expires
Fri, 08 Sep 2023 04:54:58 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame A5AC 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.30.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-30-113.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.193
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame A5AC
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3140327685
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
via
1.1 google
last-modified
Thu, 07 Sep 2023 17:11:41 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
date
Thu, 07 Sep 2023 17:11:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame A5AC
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTBnZk4tVVIyS0dTNTY1Z1BHaUFkMVhVdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4140809763479121200&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
34.236.109.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-109-207.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:41 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 07 Sep 2023 17:11:41 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame A5AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEZGQjdGMTgtNjkwRi00Mjg4LUFFMEEtQzZDQTk0NkY2MEM2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A5AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIMzSpV_ycM0mpG8ohl_b5Y&google_cver=1
42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIMzSpV_ycM0mpG8ohl_b5Y&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIMzSpV_ycM0mpG8ohl_b5Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A5AC 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 06 Sep 2023 17:11:40 GMT
generic
match.adsrvr.org/track/cmf/ Frame A5AC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A5AC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4140809763479121200
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4140809763479121200
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4140809763479121200
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
8FFB7F18-690F-4288-AE0A-C6CA946F60C6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A5AC 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8FFB7F18-690F-4288-AE0A-C6CA946F60C6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:260b:940e:5542:581f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame A5AC 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
usersync.gumgum.com/ Frame 4761
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3760900185025154561
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3760900185025154561
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
an-x-request-uuid
4c72e971-97ea-4631-b7f6-19e95005c3ce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=3760900185025154561
x-proxy-origin
45.141.152.73; 45.141.152.73; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 4761
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_75ca5860-979e-4169-98dd-81ffcbc19cb6&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=f4fbTHmHiRRkgd9McYOQHXuGjklkgd5OLID7cHl7
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=f4fbTHmHiRRkgd9McYOQHXuGjklkgd5OLID7cHl7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.157.107.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-107-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=f4fbTHmHiRRkgd9McYOQHXuGjklkgd5OLID7cHl7
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
syncPlatform
sync.outbrain.com/ Frame 4761
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28RSakdYfWiC2DpxzeeVBIlerG_zjGzWoj6CtucL6btlBBKQfS5FTD_fQGyscbUWWq%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_75ca5860-979e-4169-98dd-81ffcbc19cb6&obuid=ENC(RSakdYfWiC2DpxzeeVBIlerG_zjGzWoj6CtucL6btlBBKQfS5FTD_fQGyscbUWWq...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:41 GMT
Cache-Control
no-cache
X-TraceId
ac72cf2d75df244de4f60a4cd2d39079
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Thu, 07 Sep 2023 17:11:41 GMT
X-TraceId
7cacb4e822715006a61effdba6a7ae98
Content-Length
0
usersync
usersync.gumgum.com/ Frame 4761
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=d1bec83e-ec78-4290-9a24-124343790ab2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=d1bec83e-ec78-4290-9a24-124343790ab2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 07 Sep 2023 17:11:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=d1bec83e-ec78-4290-9a24-124343790ab2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 4761
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-54cb0e83-20ac-590a-548e-44c5abe7216b$ip$45.141.152.73
Date
Thu, 07 Sep 2023 17:11:41 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 4761
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5iZullhE2pdBeSCYBlPM7JSck0x7uaIKY8iK~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-5iZullhE2pdBeSCYBlPM7JSck0x7uaIKY8iK~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-5iZullhE2pdBeSCYBlPM7JSck0x7uaIKY8iK~A
content-length
0
usersync
usersync.gumgum.com/ Frame 4761
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=9b397b7b-55a9-497d-9fd0-c1e43691324f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=9b397b7b-55a9-497d-9fd0-c1e43691324f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=9b397b7b-55a9-497d-9fd0-c1e43691324f
Date
Thu, 07 Sep 2023 17:11:41 GMT
Connection
keep-alive
X-CI-RTID
2cb51f6c-2576-43ac-8712-cadfb0178ccd
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 4761 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 4761
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_75ca5860-979e-4169-98dd-81ffcbc19cb6&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=2xFihQz0CG1VhXno7DAr&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2MTYIZUWQUL2GBBUOMKWNBMG43ZXIRAXE...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=2xFihQz0CG1VhXno7DAr&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=2xFihQz0CG1VhXno7DAr&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:41 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:41 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=2xFihQz0CG1VhXno7DAr&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
server_match
ad.360yield.com/ Frame 4761 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.229.130.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-130-135.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Sep 2023 17:11:40 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 4761
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=P6Gd6EdmA5JA&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=P6Gd6EdmA5JA&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=P6Gd6EdmA5JA&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-kq89m
expires
-1
usersync
usersync.gumgum.com/ Frame 4761
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8946434899746858978
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8946434899746858978
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 17:11:40 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8946434899746858978
date
Thu, 07 Sep 2023 17:11:40 GMT
content-length
0
sync
ads.servenobid.com/ Frame 4761 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_75ca5860-979e-4169-98dd-81ffcbc19cb6
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
pixel
ap.lijit.com/ Frame 9593 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 07 Sep 2023 17:11:40 GMT
X-Sovrn-Pod
ad_ap6ams1
usersync
usersync.gumgum.com/ Frame DB3F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPoETAAAA_YxQgAb
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPoETAAAA_YxQgAb&gdpr=0&gdpr_consent=&_test=ZPoETAAAA_YxQgAb
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZPoETAAAA_YxQgAb&gdpr=0&gdpr_consent=&_test=ZPoETAAAA_YxQgAb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Sep 2023 17:11:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 07 Sep 2023 17:11:40 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZPoETAAAA_YxQgAb&gdpr=0&gdpr_consent=&_test=ZPoETAAAA_YxQgAb
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230044-FRA
x-timer
S1694106701.907899,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 42D9 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83NWNhNTg2MC05NzllLTQxNjktOThkZC04MWZmY2JjMTljYjY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DC58 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=42198
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 07 Sep 2023 17:11:40 GMT
expires
Fri, 08 Sep 2023 04:54:58 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6778 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 07 Sep 2023 17:11:40 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame E32E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPoETcCo8X4AACpzH.UAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZPoETcCo8X4AACpzH.UAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Sep 2023 17:11:41 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 07 Sep 2023 17:11:41 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZPoETcCo8X4AACpzH.UAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1011.dc4p.scaleout.jp
X-SO-IP
45.141.152.73
X-SO-Key
ZPoETcCo8X4AACpzH.UAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZPoETcCo8X4AACpzH.UAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad1011"}
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad1011
gumgum
cs.admanmedia.com/sync/ Frame EDE1 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_75ca5860-979e-4169-98dd-81ffcbc19cb6&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 07 Sep 2023 17:11:41 GMT
Server
nginx
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame 94F7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=Cix0reZyew2Q67YD2DF4&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Cix0reZyew2Q67YD2DF4&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Sep 2023 17:11:40 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 07 Sep 2023 17:11:40 GMT Thu, 07 Sep 2023 17:11:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Cix0reZyew2Q67YD2DF4&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 7243
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 17:11:40 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Sep 2023 17:11:40 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame B50F 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1988702461364381523&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:40 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
redir
rtb-csync.smartadserver.com/ Frame B50F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAAqfE7J9AkAADR3_pnOSA&partnerid=127&gdpr=0
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAAqfE7J9AkAADR3_pnOSA&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAAqfE7J9AkAADR3_pnOSA&partnerid=127&gdpr=0
Date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame B50F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=db7cc971-93d1-4a17-a6b0-85c622bcd599&gdpr_consent=null&gdpr=0
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=db7cc971-93d1-4a17-a6b0-85c622bcd599&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=db7cc971-93d1-4a17-a6b0-85c622bcd599&gdpr_consent=null&gdpr=0
date
Thu, 07 Sep 2023 17:11:40 GMT
server
_
content-length
0
genericusersync.ashx
sync.tidaltv.com/ Frame B50F 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame B50F
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=1ec3787ab976a3cb5e6ece9f730d8d2a&gdpr=0&gdpr_consent=0
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=1ec3787ab976a3cb5e6ece9f730d8d2a&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=1ec3787ab976a3cb5e6ece9f730d8d2a&gdpr=0&gdpr_consent=0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
0
expires
0
usync.js
eus.rubiconproject.com/ Frame 7243 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 15:55:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81821
Connection
keep-alive
Content-Length
10233
Expires
Fri, 08 Sep 2023 15:55:21 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 6D96
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Thu, 07 Sep 2023 17:07:34 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:07:34 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx
x-powered-by
PHP/8.2.4
generic
match.adsrvr.org/track/cmf/ Frame 0BF3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6836324311
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6836324311
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 07 Sep 2023 17:11:40 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 07 Sep 2023 17:11:40 GMT
etag
RX8114809847fc4c20a971cefde0d48ca4003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6836324311
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F4F 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=987332488391&version=m202307240101&ct=77&x=1&cor=4840758945494097000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e40a76bf-24f4-52fa-a0ff-3237c405367b
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame D0E2
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-7623381214760645792
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/e40a76bf-24f4-52fa-a0ff-3237c405367b
0
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/e40a76bf-24f4-52fa-a0ff-3237c405367b
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8030928139d99177-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:11:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/e40a76bf-24f4-52fa-a0ff-3237c405367b
smwt256.gif
us.ck-ie.com/ Frame 5713 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 07 Sep 2023 17:11:41 GMT
Server
nginx
4140809763479121200
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 342C
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4140809763479121200
0
465 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/4140809763479121200
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
803092819a6b9177-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:11:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 07 Sep 2023 17:11:45 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/4140809763479121200
server
nginx
sync.php
pixel.rubiconproject.com/exchange/ Frame 7243 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LM9FDXCP-5-5E6Y
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
808512fffeb79772c24558d66314e91
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame E8FB
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/808512fffeb79772c24558d66314e91?gdpr_consent=&gdpr=0
0
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/808512fffeb79772c24558d66314e91?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
803092815a0b9177-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:11:41 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 07 Sep 2023 17:11:41 GMT
Expires
Thu, 07 Sep 2023 17:11:41 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/808512fffeb79772c24558d66314e91?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1694106700952036-543
v1
match.sharethrough.com/universal/ Frame 09F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.133.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 07 Sep 2023 17:11:41 GMT
smw888.gif
us.ck-ie.com/ Frame A991 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 07 Sep 2023 17:11:41 GMT
Server
nginx
async_usersync
ib.adnxs.com/ Frame 37E2 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:41 GMT
an-x-request-uuid
dc628e39-ca5b-4191-9361-b69d217bd05c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.73; 45.141.152.73; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
charter.woff2
s0.2mdn.net/sadbundle/2260711041913871990/ Frame F1AA 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2260711041913871990/charter.woff2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2260711041913871990/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 16:14:46 GMT
x-content-type-options
nosniff
age
176216
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54205
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 12:12:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Sep 2024 16:14:46 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A5AC 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F1AA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 14:21:37 GMT
x-content-type-options
nosniff
age
183006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 14:21:37 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
953 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694106703090&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1548&pt=1828576559&tz=120&viewable=true&ddast=V8L2MCLAYI_82Uc6cgBhMQ_psp505BDC4AAABgYID-AAlOVouJceNx6zamkVu0m5ncyoVj5JbNNhabYbawuHyTISDByWoxMW48bt3GNHKLdjOTW7lwjNyy2cZiM8wWFpdvMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8oofTrXP93cKnw-6W_F1v6dFl97mFDrvPrXy65U6H3a05uuw-t2QtdTrsbrXTYXcLXU-31Olwax1Ot8Lu1rrcGqPD7rMLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxQFBHqan3eey-wMAAAAACAAAAAASAAjohyUAYoz3Tvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQwQ2lpcvCn7riBR4FmEEAAAAoKURM-nIJJ2gYlHl__-_3wrAFQCAAEU40N2eLLqDEm9hAAAABMYs0MPi95sddo3f7TL__________2b-z_yjEWriSkkDtF34oeYXEABgzS8gAAAbdQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIzFZVptdiPnaLkbLkyewWawW808K4tzMBs5Npvt-Yi4upi5Mr7usyEss993UFBOT4_ZZZCxXCaD-KBhWE4GwfxM2GK0mkw2y-FsuZgMhqPhaLQ_A7GYDdBEDJbLyWQx2a1Gq9FmuBvNBgskEIMJomjRYLIajSaLyXA1mqxmy8Vut0EUrVrNRpvBcDWbzHa71XAwXI5GaMIWo9VkslkOZ8vFZDAcDUejIYK50cqwsvlWa9XIs3CLRsvhWrmZWNyKiWtm8S18I5fF5Ra9PqaLzTNcboxbJBjAthfJ0yKdKCbD4cKxMi58m4Vn5ty4NqaRbzDczFyz3crim0zEEs3JIp3ILvuOxWVabXYj52i5Gy5MnsFmsFvNPCuLczAbOTabfW-0MqxsvtVaNfIs3KLRcrhWbiYWt2Limll8C9_IZXG5Ra-P6WLzDJcb474xW44Wg9lsOds3ZsvRYjCbLWf7Dp3hu_qcjcqySvKxeYud31d3cxoULoPF-5OYFtPu7GA6-Y5OnWGaLOqMfr_f7_f7_X6_32_Qeg5mg8J3m_Yl3p7X97eJno-DQRFLBBfpRPAwux2ml1vi82z8FrFEabpIJ3qFX_RwunWuv1v4dNjdkr_rLT267D630GH3uZVPt9zpsLs1R5fd55aspU6H3a12Ouxuoevpljodbq3D6VbY3VqXW2N02H12oelttoglgtNFOhG9jKeL-o8aaDVXjBZzxWoy121WCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYNZtiWXR7iERVrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTcB5Fff___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4FcRkMlvsH4AKsVar1e3GWq1WQIJbLXcT-P___w8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufrlt_vA!ul143917-543_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0755099f2b915dfbb9ab14886be002aa45f503efeacb2534910ea47a37b30110

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:43 GMT
content-encoding
gzip
server
nginx
machineid
1457
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960h2&_p=631426543&cid=626269215.1694106697&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1694106698&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&dt=%E6%B3%B0%E5%9C%8B%E9%AE%AE%E8%82%89%E6%AD%A3%E5%A4%AF%EF%BC%81%E3%80%8A%E4%B8%80%E5%B9%B4%E7%94%9F2%E3%80%8B%E8%A6%8B%E9%9D%A2%E6%9C%83%E5%8A%A0%E9%96%8B%E5%AE%89%E5%8F%AF%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A5AC 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53224992&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
42915aa2defbdd04182826933ee59b2c2eb6f6e70624ad30c819bc6067ef88f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 07 Sep 2023 17:11:42 GMT
content-length
2045
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame DC58 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=4129486&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0c12c95139cde51859ce269dd02adcd169dc42b21de5a7a76fb1bf968f3d7896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 07 Sep 2023 17:11:43 GMT
content-length
1457
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame BBB0 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 07 Sep 2023 17:11:39 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B7D4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3760900185025154561&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3760900185025154561&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
aae82524-e087-440e-8f57-1604595ef8ed
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 17:11:43 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3760900185025154561&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
45.141.152.73; 45.141.152.73; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3F2E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VMsOgyCsWQpUjkTFq-chay2NmEk&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VMsOgyCsWQpUjkTFq-chay2NmEk&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Sep 2023 17:11:43 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=VMsOgyCsWQpUjkTFq-chay2NmEk&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 0A5D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276132868161992847&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276132868161992847&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 07 Sep 2023 17:11:43 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276132868161992847&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 62A4 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 07 Sep 2023 17:11:44 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230044-FRA
x-timer
S1694106704.939794,VS0,VE90
bridge
cm.adgrx.com/ Frame 0F86 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 07 Sep 2023 17:11:44 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-3
Pug
simage2.pubmatic.com/AdServer/ Frame 197E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 17:11:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 07 Sep 2023 17:11:43 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 9654
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBcWZFN0o5QWtBQURSM19wbk9TQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_init...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAAqfE7J9AkAADR3_pnOSA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dp...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAqfE7J9AkAADR3_pnOSA&pid=558502&do=add&gdpr=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAqfE7J9AkAADR3_pnOSA&gdpr=0
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAqfE7J9AkAADR3_pnOSA&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 07 Sep 2023 17:11:44 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAqfE7J9AkAADR3_pnOSA&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
sync
ads.servenobid.com/ Frame 1096 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.19.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-19-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 17:11:43 GMT
mw
mwzeom.zeotap.com/ Frame A5AC 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
80309293e9809143-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame A5AC
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:58 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:58 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame A5AC
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b9321129ed891f31/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
sync
x.bidswitch.net/ Frame A5AC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjPiOinBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEJ6Hi-JNoRHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJDRiNDIwOGU5LTliODEtNGExYi1iOGZjLWQ5YWMwNmRlN2FlZQ**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=9e878be2-4da1-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=476&user_id=9e878be2-4da1-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
35.157.107.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-107-99.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Date
Thu, 07 Sep 2023 17:11:43 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://x.bidswitch.net/sync?dsp_id=476&user_id=9e878be2-4da1-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame A5AC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9011011357217791028&gdpr=0&gdpr_consent=&us_privacy=
1 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9011011357217791028&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 17:11:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9011011357217791028&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame A5AC 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame CE0C
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU479c4aa557164e1184fefcee278ff4d5
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU479c4aa557164e1184fefcee278ff4d5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 17:11:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU479c4aa557164e1184fefcee278ff4d5
pragma
no-cache
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 5D75
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=962268519981634368
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=962268519981634368
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 07 Sep 2023 17:11:43 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=962268519981634368
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 667C
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5648828114216056122
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5648828114216056122
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:43 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5648828114216056122
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame 7ACD 		43 B
312 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 07 Sep 2023 17:11:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 37B5
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
42 B
248 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 17:11:44 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame F2C9
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhRYXbbXRnQSRbMYb&gdpr=0&gdpr_consent=
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhRYXbbXRnQSRbMYb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhRYXbbXRnQSRbMYb&gdpr=0&gdpr_consent=
cookiesync
core.iprom.net/ Frame 276B 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Sep 2023 17:11:44 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-9e524b4c7273@version_1.569v2
X-core-time
3ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 7FC8
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=10tjtl16pvuy
42 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=10tjtl16pvuy
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Thu, 07 Sep 2023 17:11:44 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=10tjtl16pvuy
lws
38
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
usersync
usersync.gumgum.com/ Frame BB44 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=8FFB7F18-690F-4288-AE0A-C6CA946F60C6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Sep 2023 17:11:43 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame DC58
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fc84f475-72d4-4aa7-ac86-28b7d73433b1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fc84f475-72d4-4aa7-ac86-28b7d73433b1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 17:11:43 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:fc84f475-72d4-4aa7-ac86-28b7d73433b1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 07 Sep 2023 17:11:44 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame DC58 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 07 Sep 2023 17:11:43 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
request_content.php
hal900025.redintelligence.net/ Frame 6ED6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request_content.php?s=63851600140844109150657012440025&a=44f752ae
Requested by
Host: d2849lw36e7cot.cloudfront.net
URL: https://d2849lw36e7cot.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
2a04c860ebe4f6a1678dfbf58081cd3b38f46312d38c23d78738e1bd6f624067

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1399
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Sep 2023 17:11:44 GMT
Expires
Thu, 07 Sep 2023 18:11:44 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
/
track.adform.net/adfscript/ Frame 6ED6 		727 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=67114562;click=https://hal900025.redintelligence.net/c/pi18j89n55ffuac?tprd=
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=63851600140844109150657012440025&a=44f752ae
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
87647fd337d89a07d0f3282b3a2c1ac4c4d6e2b23a6bba74142156e933869bb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
526
expires
-1
viewability
hal900025.redintelligence.net/ Frame 6ED6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/viewability?s=63851600140844109150657012440025&a=a955dd87&vb=m
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=63851600140844109150657012440025&a=44f752ae
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/request_content.php?s=63851600140844109150657012440025&a=44f752ae
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:44 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 6ED6 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67114562;click=https://hal900025.redintelligence.net/c/pi18j89n55ffuac?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
/
track.adform.net/adfserve/ Frame 6ED6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=67114562;click=https://hal900025.redintelligence.net/c/pi18j89n55ffuac?tprd=;js=1;adfxid=1x;9725;set=en-US|en-US|1600X1200|0|250|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fwww.bg3.co
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9015353893f0bfb64d0a469656d3ff5ab6c3f2a29e406abdcb55770b0863212b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1962
expires
-1
truncated
/ Frame 6ED6 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
/
track.adform.net/serving/unload/ Frame B4E7 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=4140809763479121200@@67239502,8265821824674669950,100|0|0|0|0|0|0|0|0||2|0|||||1|0|0|59recQ6GsVxX7EYoWZQhUQyIAJPAV-5USAzyLvRNP8wghdIAHVO4rBhpnBRkvb3lA7z_uuw_WOM1|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ads
googleads.g.doubleclick.net/pagead/ Frame 1223 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35185931423316192076&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3882&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=38005942&ga_hid=631426543&dt=1694106697202&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&bdt=1241&dtd=6&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 6ED6 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
/
track.adform.net/csimpr/ Frame 6ED6 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=67114562&csi=KsB9Bu3fWZh_8P4yuljB00ukBswnc8DG_uiII2Fkg3gJDwKV3Zer3HUUpTrDtP0IccbI2TeCrWVDNbz-BZwpP96vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900025.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900025.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
13350666.js
s1.adform.net/Banners/Elements/Files/160090/13350666/ Frame D6A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/13350666.js?ADFassetID=13350666&bv=258
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/tai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4b82b0dfa8f87eeda1296fe320f159b8bbe7ecce54afae80fe4c26d90676bb8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 10:36:23 GMT
server
nginx
x-amz-request-id
tx000009abf25a80b8844d5-0064f7a575-32959e94-default
etag
W/"ea251fbb21676753bc601d3ade49ead4"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
screen.css
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		1 KB
947 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8eb86270e92e3dfd61282b072514f208d4ff292506af801e66b7aee73e5f74f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx0000089c1c11bf7d57ef0-0064f7a575-3295cc06-default
etag
W/"7e23ca1dc4ed46797dc6fe8f6701bef5"
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame D6A1 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000496f57c7341b8671-0063766147-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		102 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e030eebe87b2f584f6b2bb8587f232b832353dc3d473b4a41a8c875ecbbc2fde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx00000954842af21053840-0064f7a575-329552a5-default
etag
"524f19135483fbed6bd7090842111d6c"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
102
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5f79870da8c10745e6e70dbf5483df6eb84d74eaaf8f0d72ce2aa3153c146ae7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx00000805dd7c2a08b34ef-0064f7a575-32959ea8-default
etag
"a2745572f490ba661b2b07fe681394c2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2912
text0.png
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/text0.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c02dd3b3fd546bf20be03f61a2f48dfb8f131dbf241fce6bc9eaa6cde517a696

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx000002da1872158d7e649-0064f7a575-3295cc06-default
etag
"e8fbe59edf0ac0c29a85d6589ff620bd"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2654
text1.png
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f659b638b78682b7d8b25db135532c4e2ad71e35c40e35be752e5f265bd85634

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx00000ecc14d9eda9c91f2-0064f7a575-3295f883-default
etag
"44182c37cf686cad67d41d0804463924"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3287
text2.png
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d779ced4a60cb59c31e90cc19d1b45e34a624d739786e4c78ab068cff8d660c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx0000077eb1d867a141fa0-0064f7a575-3295f919-default
etag
"4ca667c8c8ec7a61e316992852e388b5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1471
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8de92dee635c9316637efd98325e847cd7df3019a5a7f8dcadc72ed7864aeace

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx000005226060eb418868c-0064f7a575-3295cc06-default
etag
"48bb2207cc338f654d1f701c640898d5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2131
date.png
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ac89553301773a9cc1e106ed7b2d09df4b74314e9c0e241dac9d48bce49d16b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx000007040888e788a2013-0064f7a575-32959ea8-default
etag
"7271fc4615f90325425b2c1f0d8330ce"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
900
cta.png
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
88710bc76991e9722eb60f588684236db51d93d2940dc28b6e4cabe84c0bf251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx0000040947452a271202f-0064f7a575-329552a5-default
etag
"3067d9dc20f4369911c69e3052ec8e21"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1639
logostart.png
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0301492f842fd6af4667f45d6c55fa6213980a6d853cf442c8764dd98c59afa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx000009b73140252837b37-0064f7a575-3295f919-default
etag
"6cfd9d60e7defc70bff9fc51ebe3b0cd"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2703
logosmall.png
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/logosmall.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a49a531d815be651105ceb2de4e9406591ad8ab95b0a40d0c4197a4d9550cacd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx0000037e891fb2beea1d8-0064f7a575-32959ea8-default
etag
"1994e994f36d97fcf1d4d45ea1af5705"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1446
model.jpg
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
680e306e40e9217220961c2f025f1bf45027ab73656ed541e3502a8ea5f8fe2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx00000c0fcc726a2fd9b12-0064f7a575-329552a5-default
etag
"dfaa9db90e8e5a772bfd1cd833607a59"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5029
background.jpg
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
680e306e40e9217220961c2f025f1bf45027ab73656ed541e3502a8ea5f8fe2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx00000f8de571436d87ad6-0064f7a575-32959e94-default
etag
"dfaa9db90e8e5a772bfd1cd833607a59"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5029
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame D6A1 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9315487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPDTJU%2B9aQXDkko8Cv9ReOZf7LK0JOrQzBZCTkF6aud9pzmkPezx4PST1o9DAujBkYzGePRchsXxanolulQVbgIynkK9AZP6bvanJWy7Y5VnaTuTr8RmMOVWXEA5JCMHxmmr90eb0MUTrAlbHSCAx%2B9p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80309297df2b9143-FRA
expires
Tue, 27 Aug 2024 17:11:44 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame D6A1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
45612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1730
last-modified
Thu, 22 Jun 2023 11:03:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a86-6c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXHXZ1p8%2FUv5HZvpsD7KD2poFO4DTeA4SqCwLin8jG2uiAhoZ%2F0kktafDyDCU07w6ne77EVEOq9UM0TOos1rcqQq%2BUFs%2FxX1KQDK0sjgXwlVyhpwcNYkSIT4zz1wrAMRo%2FyhJV3rCkeAHjHeXCYwmp8B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80309297df2f9143-FRA
expires
Tue, 27 Aug 2024 17:11:44 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame D6A1 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1527784
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8578
last-modified
Thu, 22 Jun 2023 11:03:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a86-2182"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2wpQPz5Y5zjEig6MtjZHNZzv8LDVGmWbbUSVqiX21LM9XrRN8%2F5l17rvC46vuRZrj5Hb%2BRgN7NcZqgV7%2BJ61qFCOSuDY0n69%2FgKFc1w5SezbxFcx8%2Bf701mzW0xjehBItzG3lYv83u4dyPtfLTpVsst"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80309297df309143-FRA
expires
Tue, 27 Aug 2024 17:11:44 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/ Frame D6A1 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350666/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0019694da15cc40bbe17672fece995d8a83cb962e3cba6413ddda48207d15fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 10:36:24 GMT
server
nginx
x-amz-request-id
tx00000ce8eac0c374b43d4-0064f7a575-3295cc06-default
etag
W/"4b64a4e557a5ceb50a0b879010dec646"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7c396389d29828343d1d8c085d5bad036dbe32962e06f0cb9c3f8bb72aae461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11608
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5942&cid=amp-kaFzOgCJwih38lmzGTyJNg&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&dr=&dt=%E6%B3%B0%E5%9C%8B%E9%AE%AE%E8%82%89%E6%AD%A3%E5%A4%AF%EF%BC%81%E3%80%8A%E4%B8%80%E5%B9%B4%E7%94%9F2%E3%80%8B%E8%A6%8B%E9%9D%A2%E6%9C%83%E5%8A%A0%E9%96%8B%E5%AE%89%E5%8F%AF%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1694106697&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=9859&epn.domain_lookup_time=18&epn.tcp_connect_time=732&epn.redirect_time=0&epn.server_response_time=215&epn.page_download_time=212&epn.content_download_time=1200&epn.dom_interactive_time=1200
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E6%B3%B0%E5%9C%8B%E9%AE%AE%E8%82%89%E6%AD%A3%E5%A4%AF%EF%BC%81%E3%80%8A%E4%B8%80%E5%B9%B4%E7%94%9F2%E3%80%8B%E8%A6%8B%E9%9D%A2%E6%9C%83%E5%8A%A0%E9%96%8B%E5%AE%89%E5%8F%AF%E5%A0%B4%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-kaFzOgCJwih38lmzGTyJNg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Ftai-guo-xian-rou-zheng-hang-yi-nian-sheng-2-jian-mian-hui-jia-kai-an-ke-chang.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=9859&dns=18&tcp=732&rrt=0&srt=215&pdt=212&clt=1200&dit=1200&a=5942&z=0.17854045060734847&gtm=45De1110&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 06:57:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36864
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 020A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:44 GMT
server
Kestrel
server-processing-duration-in-ticks
687302
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 020A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=JP5CJ19KYVIzQVV4SEZuJTJCdmtxUU5BNFRmeHJ4aTdVb2hrWFg5Q09Ya1JkaWZkSVlmMk13TUQyQ1NjaU...
  • https://mug.criteo.com/sid?cpp=zK1zOHxMcnRKR01uWngwS2I3eTBXQTc2ajEzL250dnlGRTRoNXJwN1RQNTBIWVNWMVkvSkxqazk2QmlQOExldjJZeU44VlVFZkZ5VkY2QnRNZG9qUUphaGRyUTBQL2drTnpGNmVyQmxaTlN5VTdCRWdMUTBPU3l4TjNTU0...
433 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=zK1zOHxMcnRKR01uWngwS2I3eTBXQTc2ajEzL250dnlGRTRoNXJwN1RQNTBIWVNWMVkvSkxqazk2QmlQOExldjJZeU44VlVFZkZ5VkY2QnRNZG9qUUphaGRyUTBQL2drTnpGNmVyQmxaTlN5VTdCRWdMUTBPU3l4TjNTU0xxbGpMZExPcCt2RjJ6WTBoNHdEMk1TQSs1V3FKQTkzMUxGSWJIV3hYUjNmd3J2SDVZKzZtblZEVFpBdWxMUExMWE51NlZHWDhmajRIcEdHWVNKM1hUQUQ1YW1MTy90VlVtUUNoZzdXa2cwK2locXYwRXlRaFZwd25DNldIWU1kZGZDaW0rMnRvdWhHYzRVZ2xtSm5CY1Y4RzNST0xqaUNyQWU3ZGhNM3l2YXgvMENYSW5Udz18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5dc60fb236703a20398bb50f22e9245f253aac84df1a467f781f9fdf0a11ca36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1280786
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 17:11:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=zK1zOHxMcnRKR01uWngwS2I3eTBXQTc2ajEzL250dnlGRTRoNXJwN1RQNTBIWVNWMVkvSkxqazk2QmlQOExldjJZeU44VlVFZkZ5VkY2QnRNZG9qUUphaGRyUTBQL2drTnpGNmVyQmxaTlN5VTdCRWdMUTBPU3l4TjNTU0xxbGpMZExPcCt2RjJ6WTBoNHdEMk1TQSs1V3FKQTkzMUxGSWJIV3hYUjNmd3J2SDVZKzZtblZEVFpBdWxMUExMWE51NlZHWDhmajRIcEdHWVNKM1hUQUQ1YW1MTy90VlVtUUNoZzdXa2cwK2locXYwRXlRaFZwd25DNldIWU1kZGZDaW0rMnRvdWhHYzRVZ2xtSm5CY1Y4RzNST0xqaUNyQWU3ZGhNM3l2YXgvMENYSW5Udz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
329136
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 17:11:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F135 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:14:14 GMT
expires
Fri, 06 Sep 2024 12:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9698 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
08378d86b27302711b14b0161058ed9b624b3c2c01a14d8ab52d7535cb673faf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dkbMDy4FnnIrEM9cNkkSjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-dkbMDy4FnnIrEM9cNkkSjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 17:11:44 GMT
expires
Thu, 07 Sep 2023 17:11:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame F135 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
139164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9698 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=1372508342392756&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F135 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?whDFQQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:11:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
viewability
hal900025.redintelligence.net/ Frame 6ED6 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/viewability?s=63851600140844109150657012440025&a=a955dd87&vb=v
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=63851600140844109150657012440025&a=44f752ae
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/request_content.php?s=63851600140844109150657012440025&a=44f752ae
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 17:11:45 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/545fbc80d952db4a0f83952a8d765724.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/2ecde61b66df9fc99652d8bfe5ddb3b9.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/7a9fe88b5ccdc97de705d8bbfa833ee6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a2e7d222b8132b7fa6e67bd8cfcf2c70.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8042c6e453f144817eae32c47b73e39a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/d81af19f5d041090503207739a0c20ef.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/846419d022b22e182ad63c2b5bc58cc7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/726e89130b12023b1cff296f88d1b1ce.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/b68d7767991e2db04cc07d67b9671d64.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/87facebf7c431a970575026a55cdddc0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/d6482785c8d5a6ab13320b391fa257d5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/731068909b4178a6050d931e4768fdac.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/6eab09e1af673c7ffec478a773253e20.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/1917832900caf1f3448b6c3805e02bca.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b51837c058299cc67d3f41d1a2e517d5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/32a8bef54089b2b767229f85f2702040.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7bda8216c4968643516ba028d38a6131.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/4099dd25ae053ec11c27a0c5a0617625.jpg?w=150&h=100&q=100
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN77VSpQgU6MlhaE66k95y4&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN77VSpQgU6MlhaE66k95y4&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| documentPictureInPicture object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag object| AMP object| TRC function| _typeof object| _tblConsole undefined| msg object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| _statcounter object| ggeac object| google_tag_data object| google_js_reporting_queue function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| adRecover number| ampAdSlotIdCounter undefined| $ undefined| jQuery string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| google_reactive_ads_global_state function| runAnimCheck string| nam object| placementData object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid number| ampAdGoogleIfiCounter object| Criteo object| __uid2SecureSignalProvider object| __uid2 object| ucf object| request object| aries number| ampAdPageCorrelator string| paramsString object| pbjs object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo_identitytag_141 object| cmTag function| quantserve function| __qc object| ezt object| _qoptions number| vidverto object| aries_registry function| inView function| VASTClient function| IMA function| VidvertoPlayer object| _cm_wfCounters string| lastWfUrl object| vpbjsChunk object| vpbjs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog function| startCMTagMain string| category object| listeningFors number| 3pla function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer boolean| descriptionPage object| google_ad_modifications object| google_prev_clients object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| Adform object| criteo_pubtag_prebid_135 object| Criteo_prebid_135

151 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1694106696.33ABA5B028154F066AF875511FE10E6A.1.1.1.1.1.1.1.1.1
www.bg3.co/ Name: __AP_SESSION__
Value: 5bbe5909-c0e8-4b04-9609-d1c9d37de33f
.statcounter.com/ Name: is_unique
Value: sc12918656.1694106696.0
.statcounter.com/ Name: is_visitor_unique
Value: 169410669672906653
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D74e0ef75-5d3a-4498-93bb-1b5fb7a7debe-tuctbf389c8
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: bd181a34-b3b4-4fb7-a112-bf73d2cc0f84
.prebid.a-mo.net/ Name: __amc
Value: 1_1694106696_1694106696
.doubleclick.net/ Name: IDE
Value: AHWqTUkphJG1rzb1qX4pGuT5uWoXywWVvdHKJOCdU4kPFFkh79Hk8mRK8XqSybOC8uo
.criteo.com/ Name: uid
Value: 0e1bbfc2-0f5d-4ee5-9676-51d4c1b64ce9
.rubiconproject.com/ Name: khaos
Value: LM9FDXCP-5-5E6Y
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqxdNsZATAr9GWQ0NNjmqbPd94gXYLevqIZNJ+y36GMzD2mOU665bmmtfiRKWGu/9Gm6ATd3nYVm2VAW2Rcx8BLIZE5xoQF+eG+xUA9sgf/4dzpQ7vzkXQ/
.openx.net/ Name: i
Value: f52f5317-6dea-4531-a789-ca46ef0e3809|1694106697
.bg3.co/ Name: __gpi
Value: UID=00000c7012aede6c:T=1694106696:RT=1694106696:S=ALNI_MZ2RL-dA8QWSNpQEbQdnxFu1GFUnQ
ad.vidverto.io/ Name: moxuuid
Value: 26e45e69-d69c-4cea-bc83-bb1432635afe
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1694193097
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1694193097
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1694193097
ad.vidverto.io/ Name: _mwayss_imp[23242][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23242][frequencyPeriodEnd]
Value: 1694193097
.quantserve.com/ Name: mc
Value: 64fa0449-2ba80-0253d-2cce3
.bg3.co/ Name: __qca
Value: P0-1795573214-1694106697051
.bg3.co/ Name: cto_bundle
Value: JP5CJ19KYVIzQVV4SEZuJTJCdmtxUU5BNFRmeHJ4aTdVb2hrWFg5Q09Ya1JkaWZkSVlmMk13TUQyQ1NjaUVWRjNpVHV1SFU0T0FqQldkYiUyRk8lMkZadUZuYzd5cEZzJTJCNFkzZE05V3dDWW5yQzBEdWVtQkJoSXZXUDNtTmE2c0ZtdEglMkZXMjY4cUtpQVgyZUxBdm51ajVZNHgyd21BNDJnJTNEJTNE
.bidswitch.net/ Name: tuuid
Value: 4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee
.bidswitch.net/ Name: c
Value: 1694106697
.bidswitch.net/ Name: tuuid_lu
Value: 1694106697
a4p.adpartner.pro/ Name: apuid
Value: 84e55e9b-3545-412a-9b49-9131e328060c
.casalemedia.com/ Name: CMID
Value: ZPoESROoojD1qnDOJ6gotAAA
.casalemedia.com/ Name: CMPS
Value: 5134
.casalemedia.com/ Name: CMPRO
Value: 5134
.adnxs.com/ Name: uuid2
Value: 3760900185025154561
.aralego.com/ Name: sspid
Value: cb5dc4bd-9aa2-3daa-b06f-31aa9da7f27c
ad.vidver.to/ Name: bidswitch_com
Value: 4b4208e9-9b81-4a1b-b8fc-d9ac06de7aee
ad.vidverto.io/ Name: adpartner
Value: 26e45e69-d69c-4cea-bc83-bb1432635afe
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$OnjCyi!]tbPl1M>e)ZlrFUfJ+tGXxou[NTaD@cnLM<ta!oIOpD><SVUd^NE<C*]*N[*bpRz*qF1`*b^r1*#[Ih
.doubleclick.net/ Name: APC
Value: AfxxVi7buCVYVK_whnPsybc-tkaztvan762SHzgZiV9kN-z7vHc-_Q
.aralego.com/ Name: euconsent-v2
Value:
.yahoo.com/ Name: A3
Value: d=AQABBEkE-mQCEDZwl6Gem_oMGDMKvnC82YIFEgEBAQFV-2QDZQAAAAAA_eMAAA&S=AQAAArDHirlIza2rYJHjtPtpg1s
.linkedin.com/ Name: bcookie
Value: "v=2&cd9d6b89-aa96-4b26-8c82-4a6ff9db5deb"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTQxMDY2OTc7MjswMjHRnutxm2e2kOAHQ0GxMXfQ8WEbLkda6JGb0XlJcn7JwA==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2991:u=1:x=1:i=1694106697:t=1694193097:v=2:sig=AQFAwTRxgLqOTTlRNhdj3EKzpD3l0yku"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.bg3.co/ Name: __gads
Value: ID=a94b14f92e129a21-2262dff1c3e300d9:T=1694106696:RT=1694106698:S=ALNI_MbUBYDMLS1-sjME4tqfcphAK4fggw
.adform.net/ Name: C
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A_wuFEZ65kTqouDYnwc8GEQ
.bg3.co/ Name: _ga
Value: GA1.1.626269215.1694106697
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1694106698.1.0.1694106698.0.0.0
.3lift.com/ Name: tluid
Value: 4377836607684359303962
.go.sonobi.com/ Name: HAPLB8G
Value: s8576|ZPoET
.w55c.net/ Name: wfivefivec
Value: UBBCkuJY1QEixA5
.lijit.com/ Name: ljt_reader
Value: HSEnuGZH5Ev5rjo3QZaafZYs
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: uid
Value: 4140809763479121200
.adform.net/ Name: TPC
Value: 1694106698811
.ctnsnet.com/ Name: gid_CAESEGHPEkpiXoRpIhSoUzFfqH4
Value: 1
.simpli.fi/ Name: suid
Value: A36F5B97259546F895D5F2E6716D52D9
.agkn.com/ Name: ab
Value: 0001%3AsaJ%2Ff9GPf6NYSk%2FerBHiIuI%2FQfjsfJb1
.agkn.com/ Name: u
Value: C|0CEAsjMDKLIzAygAAAAAAAQ13AQCAAQpAAAAAAA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-81148098-47fc-4c20-a971-cefde0d48ca4-003%22%7D
.turn.com/ Name: uid
Value: 9011011357217791028
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8FFB7F18-690F-4288-AE0A-C6CA946F60C6
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQzMjKzMDW0tLQwNDM2MTazEOIz1I3MSPdyTU4ODk4OcAIA1h1PViQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQzMjKzMDW0tLQwNDM2MTazEOIz1I3MSPdyTU4ODk4OcAIA1h1PViQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129dH1Sc0MdC4OKDdMSw_x9gv20NVN9QUAaLg8AR4AAAA
.zemanta.com/ Name: zuid
Value: 2xFihQz0CG1VhXno7DAr
.adfarm1.adition.com/ Name: UserID1
Value: 7276132868161992847
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2225C5EF7C-F2B1-4275-9839-9A1D79DA0640%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: a4nsuBSZdIijSTnMSXxNpcwUupA7NY9F9rgi4L9WOvi1TFk1K7Oi93SQnIlEMvwUsYusYmJo9QSLBEnZbd
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: a014865a5773d88f
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-07T17%3A11%3A40%22%7D
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_312
Value: 3760900185025154561
.servenobid.com/ Name: pid_333
Value: ZPoESROoojD1qnDOJ6gotAAAFA4AAAIB
.servenobid.com/ Name: pid_310
Value: HSEnuGZH5Ev5rjo3QZaafZYs
.gumgum.com/ Name: vst
Value: e_75ca5860-979e-4169-98dd-81ffcbc19cb6
.csync.loopme.me/ Name: viewer_token
Value: db7cc971-93d1-4a17-a6b0-85c622bcd599
.servenobid.com/ Name: pid_324
Value: 962268519981634368
.servenobid.com/ Name: pid_316
Value: 8FFB7F18-690F-4288-AE0A-C6CA946F60C6
.smartadserver.com/ Name: pid
Value: 8946434899746858978
.servenobid.com/ Name: pid_309
Value: e_75ca5860-979e-4169-98dd-81ffcbc19cb6
.weborama.fr/ Name: AFFICHE_W
Value: UeVdUDhQjApR29
.creativecdn.com/ Name: u
Value: Cix0reZyew2Q67YD2DF4
.creativecdn.com/ Name: ts
Value: 1694106700
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d8b081b77aaa4476
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-M8dNWjXHHwIowUlaPcMGCzfGGF8owUhYYMAFyHHA&KRTB&19420-M8dNWjXHHwIowUlaPcMGCzfGGF8owUhYYMAFyHHA&KRTB&22979-M8dNWjXHHwIowUlaPcMGCzfGGF8owUhYYMAFyHHA&KRTB&23403-M8dNWjXHHwIowUlaPcMGCzfGGF8owUhYYMAFyHHA
.quantserve.com/ Name: d
Value: EPABFwHyKfijC_vLEL7iAA
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEIMzSpV_ycM0mpG8ohl_b5Y&KRTB&23025-CAESEIMzSpV_ycM0mpG8ohl_b5Y&KRTB&23386-CAESEIMzSpV_ycM0mpG8ohl_b5Y
.servenobid.com/ Name: pid_321
Value: RX-81148098-47fc-4c20-a971-cefde0d48ca4-003
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4140809763479121200&KRTB&23263-4140809763479121200&KRTB&23481-4140809763479121200
.servenobid.com/ Name: pid_317
Value: 1988702461364381523
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZPoETAAAA_YxQgAb
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-5309c935-8e7d-3528-a4b8-aafd908258c3
.bidr.io/ Name: bito
Value: AAAqfE7J9AkAADR3_pnOSA
.bidr.io/ Name: bitoIsSecure
Value: ok
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-81148098-47fc-4c20-a971-cefde0d48ca4-003%22%2C%22zdxidn%22%3A%222069.66%22%2C%22nxtrdr%22%3Afalse%7D
.servenobid.com/ Name: pid_346
Value: ua-5309c935-8e7d-3528-a4b8-aafd908258c3
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: e40a76bf-24f4-52fa-a0ff-3237c405367b
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZPoETAAO_9iGwvdr7OOCsfz_XORYQhn4TYF2gQ==
.omnitagjs.com/ Name: ayl_visitor
Value: 1ec3787ab976a3cb5e6ece9f730d8d2a
.smartadserver.com/ Name: csync
Value: 124:db7cc971-93d1-4a17-a6b0-85c622bcd599
.outbrain.com/ Name: obuid
Value: 02723e13-780a-4121-9976-94345e91ba98
.smilewanted.com/ Name: sw_user_params_infos
Value: cwCj6%2FOSVfWRg%2BaKeCy5yyVN5t%2BpeS3l5mjCDY2SISXmtdWrg2Qavqsg4WE2LfOAz2rQNtFO6XhdSwdPW%2BJZbDsehZYmBp6JY%2BsNb7pCMmhgDau7rbo%2F%2BJ2%2BOmSr%2Foz0stBfI9L2tpWV68hKYmVNea8S3UGcfNUsr51YVLtImnuwPOlhnpQCcvZ229wFMLs4ZSyxTGv8d7XOsLHJrOv6xOgTwch9cNfu53NLs%2B2Ewh4krfjKfzn%2Fl0Xu5T2YtXtBwcjJ%2B0%2B7bVV8P501U0Qo5bBKp2Lr%2BBvmHx1xTc9D0nHP%2BlPKNtuJJ68VM5SK1K3b
.bluekai.com/ Name: bku
Value: ikG99W6WIZuXjdGa
.bluekai.com/ Name: bkpa
Value: KJhz0XNr3A9D9mY7sU4IzOYXsl/eyQpxmu9b11iZxuYP3sCZLYAI45BBaNNdIjSbcfLkZ1qZldII5KYn2r4L+5G0GpiUyllMrt3ZrgjUp7Azc83RnQavQJT1wxlBT+U5bZsLaXl2HG9I5S46BexWbm7bfY8NET9t24Pb3oFnppBou6ydXuY1NgT/GdJQVNhQDRU18iki0PvnJtiOOYfXhJJd4YmecxzL89Wg4LxAjN+ECJMqXF4a/LE21xhtzHjDrx9DhbMvjjjpRJbUodQZWydjt3pvSmIVxu0vBBZPfkgWSjPJjLzVYIxOKeEfSOdvVztKIFtCILIbZHhMwo2deyOeKPl3
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-54cb0e83-20ac-590a-548e-44c5abe7216b.%2FSvY4q8feJPfVF06byAhHq2TV4apA4xJw50oA98dChg
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-54cb0e83-20ac-590a-548e-44c5abe7216b.%2FSvY4q8feJPfVF06byAhHq2TV4apA4xJw50oA98dChg
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVMsOgyCsWQpUjkTFq-chay2NmEk.7En7dnNIjZrnNsMBzHhwWiIlTCsJbhgJUf7%2BMPwFn8A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AVMsOgyCsWQpUjkTFq-chay2NmEk.7En7dnNIjZrnNsMBzHhwWiIlTCsJbhgJUf7%2BMPwFn8A
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIKI2ZiLnEicP7zgVCpCFBk31l6UUG2_yjbJLzfnMbNZ5EHwYBCDNiOinBjABOgT_Q_f4QgSiIkg4.%2BAwFD1y5u5MIg%2FjYf0MJ%2FACPjgPwwpxtI1%2BW4Vidink
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIKI2ZiLnEicP7zgVCpCFBk31l6UUG2_yjbJLzfnMbNZ5EHwYBCDNiOinBjABOgT_Q_f4QgSiIkg4.%2BAwFD1y5u5MIg%2FjYf0MJ%2FACPjgPwwpxtI1%2BW4Vidink
.audrte.com/ Name: arcki2
Value: e0gfN-UR2KGS565gPGiAd1XUw!20220908!1694106701043!ip#45.141.152.73
.audrte.com/ Name: arcki2_pubmatic
Value: 8FFB7F18-690F-4288-AE0A-C6CA946F60C6!20220908!1694106701047
.ipredictive.com/ Name: cu
Value: 9b397b7b-55a9-497d-9fd0-c1e43691324f|1694106701064
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.servenobid.com/ Name: pid_353
Value: 0000EEA
.audrte.com/ Name: arcki2_ddp2
Value: e0gfN-UR2KGS565gPGiAd1XUw!20220908!1694106701173
.audrte.com/ Name: arcki2_adform
Value: 4140809763479121200!20220908!1694106701308
.pubmatic.com/ Name: SPugT
Value: 1694106702
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: DPSync3
Value: 1695254400%3A245_241_235_227_226_219_197_201
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: SyncRTB3
Value: 1694908800%3A63%7C1695254400%3A220_8_214_254_234_166_3_56_71_264_249_238_251_13_54_22_21_81_55_161_233_165_46_88%7C1695340800%3A35%7C1696636800%3A203%7C1694649600%3A2_223_15
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7276132868161992847&KRTB&23369-7276132868161992847
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3760900185025154561&KRTB&23339-3760900185025154561
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129dH1Sc0MdC4OKDdMSw_x9gv20NVN9Q3iNTSzNDE0MDOztDSwMNjECOObGxhbmhm9YkSVPyWOkAeKWQAACTUEyl0AAAA
.ctnsnet.com/ Name: cid
Value: 9e1cef0199da41869fab68df17c66a6a
.bumlam.com/ Name: suuid3
Value: IiQ5ZTg3OGJlMi00ZGExLTExZWUtYjFkYS0wMDI1OTBjODI0Mzc*
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-9011011357217791028&KRTB&23150-9011011357217791028
.onaudience.com/ Name: cookie
Value: b9321129ed891f31
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-962268519981634368
.zeotap.com/ Name: zc
Value: c869928c-2640-4574-6176-b7b6d2940cdb
.onaudience.com/ Name: done_redirects147
Value: 1
.adx.opera.com/ Name: UID
Value: OPU479c4aa557164e1184fefcee278ff4d5
.de17a.com/ Name: guid
Value: 1.5648828114216056122
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-VMsOgyCsWQpUjkTFq-chay2NmEk&KRTB&23334-VMsOgyCsWQpUjkTFq-chay2NmEk&KRTB&23417-VMsOgyCsWQpUjkTFq-chay2NmEk&KRTB&23426-VMsOgyCsWQpUjkTFq-chay2NmEk
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU479c4aa557164e1184fefcee278ff4d5&KRTB&23485-OPU479c4aa557164e1184fefcee278ff4d5&KRTB&23524-OPU479c4aa557164e1184fefcee278ff4d5
.onaudience.com/ Name: done_redirects200
Value: 1
.semasio.net/ Name: SEUNCY
Value: 18505A289251D3FD
.adsby.bidtheatre.com/ Name: __kuid
Value: fc84f475-72d4-4aa7-ac86-28b7d73433b1.463320704
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAAqfE7J9AkAADR3_pnOSA
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5648828114216056122
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23413-8FFB7F18-690F-4288-AE0A-C6CA946F60C6&KRTB&23505-8FFB7F18-690F-4288-AE0A-C6CA946F60C6
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-woK5xk2lhRYXbbXRnQSRbMYb
.pubmatic.com/ Name: PugT
Value: 1694106704

29 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/846419d022b22e182ad63c2b5bc58cc7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/726e89130b12023b1cff296f88d1b1ce.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/2ecde61b66df9fc99652d8bfe5ddb3b9.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/b68d7767991e2db04cc07d67b9671d64.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/545fbc80d952db4a0f83952a8d765724.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/7a9fe88b5ccdc97de705d8bbfa833ee6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/d81af19f5d041090503207739a0c20ef.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a2e7d222b8132b7fa6e67bd8cfcf2c70.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/87facebf7c431a970575026a55cdddc0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/d6482785c8d5a6ab13320b391fa257d5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7bda8216c4968643516ba028d38a6131.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/731068909b4178a6050d931e4768fdac.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8042c6e453f144817eae32c47b73e39a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/1917832900caf1f3448b6c3805e02bca.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/6eab09e1af673c7ffec478a773253e20.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b51837c058299cc67d3f41d1a2e517d5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/4099dd25ae053ec11c27a0c5a0617625.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/32a8bef54089b2b767229f85f2702040.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cdn.adpushup.com/42753/L2EvdGFpLWd1by14aWFuLXJvdS16aGVuZy1oYW5nLXlpLW5pYW4tc2hlbmctMi1qaWFuLW1pYW4taHVpLWppYS1rYWktYW4ta2UtY2hhbmcuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN77VSpQgU6MlhaE66k95y4&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEN77VSpQgU6MlhaE66k95y4&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8FFB7F18-690F-4288-AE0A-C6CA946F60C6&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cs.admanmedia.com/sync/gumgum?puid=e_75ca5860-979e-4169-98dd-81ffcbc19cb6&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a.audrte.com
a.rfihub.com
a.teads.tv
a.tribalfusion.com
a1114.casalemedia.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
ab455e95bb02dacce0be4879e4650ae1.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.travelaudience.com
adservice.google.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
b0cc4c6ca9cce1f8d6c174885c23b4b3.safeframe.googlesyndication.com
b1sync.zemanta.com
b40a28542c4939b02b78e4ac2810c1d5.safeframe.googlesyndication.com
bh.contextweb.com
bidder.criteo.com
c.statcounter.com
c1.adform.net
casale-match.dotomi.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csync.loopme.me
csync.smilewanted.com
d-14513259571470306939.ampproject.net
d.adroll.com
d.agkn.com
d2849lw36e7cot.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g2.gumgum.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900018.redintelligence.net
hal900025.redintelligence.net
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.clean.gg
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
ius.ctnsnet.com
js-sec.indexww.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.aralego.com
sync.bumlam.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
static.bg3.co
sync.search.spotxchange.com
sync.tidaltv.com
103.231.174.251
104.18.39.155
104.20.218.77
104.64.126.246
104.75.89.75
124.146.215.51
13.230.13.81
13.32.99.50
138.201.135.164
138.201.84.245
141.226.228.48
141.94.171.213
141.94.171.214
141.94.242.206
141.95.98.65
142.250.185.98
144.76.91.199
147.75.84.158
151.101.129.108
151.101.129.44
151.101.65.44
151.101.66.49
152.199.21.70
162.210.196.208
162.55.236.224
172.217.16.194
172.217.16.198
172.64.148.101
172.64.149.180
172.67.10.198
173.231.181.122
175.110.113.213
178.250.1.11
178.250.1.9
18.194.200.250
18.208.74.11
185.132.133.134
185.170.60.45
185.184.8.90
185.255.84.151
185.255.84.152
185.64.190.78
185.64.190.80
185.64.190.81
185.86.139.103
185.89.210.244
188.166.17.21
188.42.34.64
192.96.203.13
193.0.160.130
195.5.165.20
198.47.127.205
2.18.160.23
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.169
216.52.2.16
216.52.2.30
23.35.236.201
23.50.131.87
23.97.225.52
2600:1f13:800:7781:770b:e7be:3f6f:3579
2600:1f18:24e6:b902:b25:850e:c423:61a4
2600:9000:211e:c800:1b:5138:8a40:93a1
2600:9000:223c:3200:6:44e3:f8c0:93a1
2600:9000:223f:ee00:8:48e:53c0:93a1
2600:9000:223f:f800:1f:4c18:bd40:93a1
2600:9000:2250:1200:a:e047:753:6381
2600:9000:2250:1400:19:ba84:7f40:21
2602:803:c003:200::45
2606:4700:10::6816:1857
2606:4700:10::6816:3556
2606:4700:20::681a:567
2606:4700:20::681a:bd1
2606:4700::6810:5814
2606:4700::6811:180e
2606:4700::6812:19ad
2606:4700:e6::ac40:c426
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:806::2006
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0a::9a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:12::1730:1786
2a02:fa8:8806:13::1400
2a05:d018:cc3:fe05:c52:5f4:1529:4d3a
2a05:d018:d29:3605:260b:940e:5542:581f
3.121.164.104
3.33.220.150
3.71.149.231
3.77.133.205
31.172.81.159
34.102.146.192
34.102.163.6
34.107.148.139
34.111.129.221
34.111.131.239
34.120.135.53
34.225.251.53
34.236.109.207
34.242.185.58
34.250.19.175
34.253.165.174
34.91.62.186
34.95.69.49
34.98.64.218
35.157.107.99
35.186.154.107
35.186.193.173
35.190.0.66
35.214.165.154
35.227.252.103
35.244.159.8
37.157.6.235
37.157.6.237
37.157.6.254
46.228.174.117
50.31.142.95
51.89.9.254
52.0.53.240
52.210.15.1
52.28.44.182
52.30.24.178
52.46.130.91
52.57.206.170
52.71.98.102
52.94.223.37
54.229.130.135
54.38.197.123
63.35.30.113
69.166.1.66
69.173.144.137
69.173.144.138
69.173.144.165
70.42.32.63
72.246.169.24
76.223.111.18
77.243.51.121
77.245.57.72
8.18.47.7
8.2.108.175
8.2.110.24
8.43.72.98
80.77.87.161
82.145.213.8
85.114.131.234
85.114.159.93
95.101.148.20
95.101.149.233
95.101.149.35
98.98.134.243
0019694da15cc40bbe17672fece995d8a83cb962e3cba6413ddda48207d15fce
007d31f73b2fad3f874c86e07743a7de6363a9d9a5ef57474ad3045d54e84030
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02aeab19d95da55371abf742de8294d97bd8c7cb3f8403cb6f36da9ec0d6968a
02fa2bc5766f47846c02d249ca497a9641a7cbe75f4f1ffefe10315a113cef17
0301492f842fd6af4667f45d6c55fa6213980a6d853cf442c8764dd98c59afa1
033718a2aa071240f6adb758d23ca70c8be35d1b2e94fa7c954e3fea0f784214
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
049b49126c52cbab80d35b77d4a2e457d5e2883929e99ee62daa6faf85346954
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0755099f2b915dfbb9ab14886be002aa45f503efeacb2534910ea47a37b30110
080bebf7a7e645087e20d9dab93ad1b197c4f7429da425f6c9ead87743775dfa
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08378d86b27302711b14b0161058ed9b624b3c2c01a14d8ab52d7535cb673faf
08421f6131f6a1f52003fabef0d6ff654e6217906eb4322bfca0375fc2e657e6
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b10180887c43fe8adf9e0042338deafea681a662ef6f561799fd3677ea489df
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9a1a68204c0d283f06866baf7e6e4d491a944acc655edd72eeb821433c42f9
0c12c95139cde51859ce269dd02adcd169dc42b21de5a7a76fb1bf968f3d7896
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0d18a083edcacc02f61fa6cc839d09181f9c68ab261110f4d3aa666408ad029e
0eabf223abecabda52f55a16a73a20e2465beacb8811cdb8d129b4e8378937b6
0f5f75bdda356e9ce00c17c1cad88c6064fb2cffdd291a4029eb74dbc35c0b07
0fb7485090b82399e9e24e36127c755bb9f76a0e498a5708f6891303994b2772
105be4f1932f30b7c0ff236030726430a2901f6571727c4175dc6f8dd87cc804
113ccd6bf42f35f6c241c787f3cd495f08e7c196795dab8cc8410c5c62f0dcb0
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13c151da3c1ba1beea84e45b9a7f92f2b553c26c07615626a55745d5595cd42f
1553d1682df6a65074932cb6d6b93bc4edc04decf0968ea1821043f0a1b076ff
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
179ee6dfd0a200d378839d2f991cb38eb71675e2024d8f59717b0d72b2bd5c0f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6
195a5b210e38f760889bbeb2412a7c61204fdec80db36d3da65ee0e710c3d3aa
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20faf2c3fdacef1f027bd51616076f5432d090d9fc2e3d7aefdb28dbc8346279
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26ebac8b8d1247e5aa00ec53cd97a110c0b1edd887362c6d25ddab4570bb79f8
2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27f902fe7278249793a4678e00da54f85dde297a08b4865d56814d9aa88c6e4d
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
2a04c860ebe4f6a1678dfbf58081cd3b38f46312d38c23d78738e1bd6f624067
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2dcf4d8132f4d48811ea382ef098d65a7fec36ba4dfc68dc4643acff2b9096ef
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ff7e1b42cf6a24deef86e871af090de1b994c3e3eded0ec5739725ff312b40c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320604491a1d36d05bd41cf7cfce3784112302a9d6f0b5b628b47cf42a3fc510
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3305d9b2061214470bc746e01ea00bcea7a4e86e94ac2714b3e8577de787f7ff
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b533fcdeceaa905a7b2da2e2d55dd2ac0b2968c0ea247fd6ab2076f2f3bfbca
3c0d9e37e84dce8c7cbdcf693b07b616bf8f1b6cfcba0eb651a159d8be031f8c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f24bf6841d661f467381737dea4e315911bc7692e029996c55fc5ae685221be
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401
42915aa2defbdd04182826933ee59b2c2eb6f6e70624ad30c819bc6067ef88f1
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
477b76854bf22bf2552616bec7fa4a2241d993539103fe95230cc8c99c28a4f4
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
47e4bf16e0562d31e6a76c3863aac0552c44bb318b2553b37e0da2adaab44ab2
488b2ad1db2c7521edf8320e88cccaba68118a5c075d5e3e2a5ee475220d7eda
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b18c0d71f2667bb452605eae1ca3f0c24ffe0c843b755752b21e7cf9d5d3e7
493aa280392641c42cbe54438f84131826910b2cdc38fe24a9220083732a8199
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b7bc15813e088b628c6c0c0bc9b82384c32450a318bd6d64c591d2640c02ad0
4b82b0dfa8f87eeda1296fe320f159b8bbe7ecce54afae80fe4c26d90676bb8c
4d3881446be932a5a13add10588407b357cce58dec8447c356a53ea378f48694
4dd0d73d5ecadb5b80d3e5a901564b14a90d3436e11f860795ab53098f24b1b7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51032fd4a6ac2f2aa56e9d8f72b21ac8f896d4ddec61e3f63c5187378ff5dd8f
522fc60f50dcb1d321b948a81e966415421c507db0b625690cf8e4be8bbbccb5
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
53039d469b6ad5471389eb0bf9016e90890e766f076f0ebbdd79b5ec289252b2
532f12f5812b0147d4bc778b443e88251c1626cb157507e1c34547aec6ad132a
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5483fea01b877670e7ea5b29664c393f45b593f2f8f2fea36fdbe61bc947b5ce
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566d598099199f4a6d2df6f0e78c6625d0c3ce3cd68213e129ee46de64445b22
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
5cec730ded36ac4eb2b92c02a7c8eb64029564de90408a9db98851197c724309
5d293c88ac4a69e4639c2264aecd15890751f1972d5f9b98829db400260cac71
5dc60fb236703a20398bb50f22e9245f253aac84df1a467f781f9fdf0a11ca36
5f79870da8c10745e6e70dbf5483df6eb84d74eaaf8f0d72ce2aa3153c146ae7
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639ad34fd7570ef82ee3aec55328e055a0d97475110315e6fb73093c1637535a
64ff6dba69f4f35ea24c53da8458668b0127c7ce40baebfb346454193495086f
651c046e442226b5e750c861cb6e260f2f5843ff21556b75af53cf0b94ee0311
65ca7c515068a33e46243dc642808e29be6705bdb0d4d15ad35ebf48dcf81f7f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
680e306e40e9217220961c2f025f1bf45027ab73656ed541e3502a8ea5f8fe2d
6841129e8733680d74b55f09f89cacb81c939c14b4c0e05721b1c55aef9e9ebc
6966129146e8cc20ac37653ac2399ac02a408691761b8670bad2ad29f8e4c249
69c45de961eb24cf709ea37cb2f6834bcfdefd572735fa8436f6f1f2aa18130a
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6fe093e5a1fa540945afb6484cf6170dda2317795ce1816259932e997cad04da
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7350c966d4d572786ce6e75b04f9e1f164329e5737d9d63b9382e456eb2343ed
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
76432cd24d12b969e8690c3c2dfbaea8405cffa4809869e64f35b2fcbb3d4cb5
7643b6b4cac22f5ddc161df654e52fd6cc9c0c4347430c4d2f3bd0bd9448f8ed
76fbe5ec8688b4bf9e59682f253b9ed6b099940edc8d9a4e8cc87fc65580bc20
788a0a1fe12bca350a4833fec7709e01fb9e6c402863324086316c4981c45268
791a45f0f91d909dd93579e76424ca0ce4afce1c15aa834265ba027baaada045
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
7ca964041c17f04846df306bc795dc27e65422bb63340004ccdf96b2901093c3
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f65bf528da6876cac19452b97953da8a48567b405d8eb4f9c335e18c367a78d
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2
812231f393f41dc6ffb8245a1ae5f620d6e900b1346750906f0fc530c56ee079
82698489a2ed83e016387da8061c428a5c15c9d0bfe0ae83e22ee426b3f45d6c
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8425f97b69cdda2d3d9321085698fbd7978d9c8e75371aa42f9eb4dfdfbee231
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
87647fd337d89a07d0f3282b3a2c1ac4c4d6e2b23a6bba74142156e933869bb1
87a898d8c1f92c2cb35077e7fb654db1fb87b59693a9fb36dd569bde357c1503
88710bc76991e9722eb60f588684236db51d93d2940dc28b6e4cabe84c0bf251
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de92dee635c9316637efd98325e847cd7df3019a5a7f8dcadc72ed7864aeace
8eb86270e92e3dfd61282b072514f208d4ff292506af801e66b7aee73e5f74f5
8fd1ff06f0cbd553dedcfefafb3dff64e75f95240ae1368ee6d2c1d1d6d60572
9010ab3abfe3a90b78c2b656ab60b57c29a2802b033e22f38a5acddc3b865edb
9015353893f0bfb64d0a469656d3ff5ab6c3f2a29e406abdcb55770b0863212b
9058b6f4ef74a0e1058ecd945e04abbecabe7e407849104f4b7455fb3e0865dd
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93a8a756cb758f61727b2854db5120594f13922b4d271d1f5ffdfa63dbab62c2
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94fbae877ac9ccf349fb9534c36b97a6e6bb6adeba86ea4cc285842b560e16cd
95c75ca873ea2bccefd8504f9f8ba790eed143d56f3e2034ea93874ca39fd4c8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991e8c37b8bcb61edee3efa598bb7290624e7ba26fc39fa80fafe0fe76073b09
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7c14232b20cad413f063c9830b7700b9cc18f80b72cac58e7537d2576c3376
9c19acc20d3f4ccaa5940a0a7b0f1db7cf9e7d278faca4ff5ed80fcecf0f78e8
9ceff04778a5b667890b001652158c773315f21b60ca28e73f257637f6667710
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a042db05b3deb9bc8f9219d7789eab00b3abb930f5a9baeb5901da6a8619a4bb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a2df9d32f2fc3b888ee63fb28fa4066fa1f20cd00ed296527836200ff83f9b7f
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a49a531d815be651105ceb2de4e9406591ad8ab95b0a40d0c4197a4d9550cacd
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a54f0cd19d664daef6cf1f12ed80eb582690e513fbd7d09543c5edc5cea787c1
a5844340a0e5610b8eeda4422fa0e570ce36eebd31ebcb230e371b1edd792aac
a64482145bf7ab93c29701986fd459fadb68b9455864f8c0f957e83242b21866
a6bd14372c2f74d0ba53d35cabfed3c07491fc35d7d33a56ea5730a57eaa3724
a8f3822fa5fc1eb151d81f75450a122be1544018e50d031ed5fe03a0ae497cbf
a905790c2388b2111163868d43785e24f12daac870d5a2ede31720f5953aee45
aa4a7d90fead1e316441f139fb5469739e14442d2402119207232dd5bac4ef7d
ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be
abc9cd11a9e44ca6d67c066c2e1fc0bf277de892accbcb55dea7876a5b968e36
ac7a6fb515f97d3997833bba9a67578ac81e5897f8a9daca6fb1a31de783dadf
ac89553301773a9cc1e106ed7b2d09df4b74314e9c0e241dac9d48bce49d16b2
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b049468efa78d9ca1eecc70fb758c12964baad2d0f14ffdae89dfecc468e9617
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
b29d53698ab78c705a7ed36e20dad295447accf246ee8ee1758db8b1d1d8a636
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466
b86b0b6a0d77cbb5a92a2c46af2d723f03e08059b906e7bd283aafd9987adcfe
b935a1bcc81b5e7d8c7de5c7a4bcc2a5cc241b6fdcf5bf95e24e93bf30744175
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
be4b39fb68cc195526653b993ee58caaf95c9287c75b461a69dde0157496d2d4
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
beed20444984184c71e466569f94a363163a263d0c8f3047a4f2ffd1d9e27e75
c02dd3b3fd546bf20be03f61a2f48dfb8f131dbf241fce6bc9eaa6cde517a696
c1b745bde8193b5ff3c09b0f513c084cf90548c701a50491a906abcfe4621956
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22a6ca09196e492cfc38961718ce3618d2b173af2119575f6854871aebfa080
c28eb52d373bb06b1293c3ebd5e846e6b5817c670a935f484bc9f7d46e4c1a91
c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d
c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a
c6f1b5e6c94bd7ebcab71ff2491e50e15fdfd3c55179e49c943e9799de9ba51c
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cdcf44413b3a8dfc11f8e144ef724859deb02d20dc706e16060ab0ffcf6ab380
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
d592777a6d54b69a8e48ad9ef2b7abeb4c3fec5e8d88935956423d3dc8f069b8
d779ced4a60cb59c31e90cc19d1b45e34a624d739786e4c78ab068cff8d660c6
d8ba4d0c7bb96b7ba43d942c0a9d4e988c7ca26152f6595e5b85004386e207c3
dc840bee9c75f9be79501bb274278e03bcd666f81ca274054936d30eac3eb843
ddd27bdc1bf1af858b2e41de8455b62f90e580a1d7dc854eca40029fc126c3b7
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e030eebe87b2f584f6b2bb8587f232b832353dc3d473b4a41a8c875ecbbc2fde
e055a5e0424103cd7bb75920b7437ddb2ee52be85547cc32ca9d2d52596a2c7f
e0b65ccdd8685afe8be8ca812f3c51634ea1469e4b57ee6dcd07803bde6590e1
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2473b3cfa63285cbb9a41a069033cc54b036d1e9bdd55ff449b9590b63c34c6
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea668e29aa412a57ade2fecdf59476037535e8c614b457e3658078d87cae7682
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ec76eff0c43cc54492c5aedd759cc74cf0626ad0d38ec0dfd6fed6960e86a9af
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
eef130cd4b5772a252c5c9feda8c7910b5e1e52cfa27887886043ab266421fc6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04a42cbe9a6dd17d6cf3d91423b737b86978d0e6c89af47c15eb483b95dd03c
f0c8f434c3c522626918fdf83df4bbffabf2d0117c028eb8d1332d9367d652c7
f107e08b76a563f441e852848b697913a851667e854361fe3a01d8ad20bb0d29
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
f513ce4f55de4feb0213f25b8784a255a71a4215a806035f5f6130aa171ef6a9
f5dafe51d93abc7247e4d5fd7f281f426de9043666ac7ef6135c9ed7555fe69a
f659b638b78682b7d8b25db135532c4e2ad71e35c40e35be752e5f265bd85634
f66e93a21510dc8145b088e7505238f89820a4008839491bb713855ddc46e474
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f698d0a11fcf4c8398d8b0c425446c14de10a97c2e99cba1381f9c7a3bc8b8df
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7c396389d29828343d1d8c085d5bad036dbe32962e06f0cb9c3f8bb72aae461
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0