urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-...
Submission: On September 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 123 IPs in 16 countries across 111 domains to perform 614 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 754565.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
16 2a00:1450:400... 15169 (GOOGLE)
1 18 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
1 3 162.210.196.208 30633 (LEASEWEB-...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 152.199.21.70 15133 (EDGECAST)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
47 151.101.193.44 54113 (FASTLY)
2 2001:4de0:ac1... 20446 (STACKPATH...)
2 7 2a02:2638:d::d 44788 (ASN-CRITE...)
49 2a00:1450:400... 15169 (GOOGLE)
8 23.97.225.52 8075 (MICROSOFT...)
4 151.101.129.44 54113 (FASTLY)
1 44 141.226.228.48 200478 (TABOOLA-AS)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
5 2a00:1450:400... 15169 (GOOGLE)
3 6 2620:116:800d... 16509 (AMAZON-02)
2 4 192.96.203.13 30633 (LEASEWEB-...)
4 35.227.252.103 15169 (GOOGLE)
2 2a02:2638:3::7 44788 (ASN-CRITE...)
6 14 185.89.210.122 29990 (ASN-APPNEX)
2 69.173.144.137 26667 (RUBICONPR...)
2 2602:803:c003... 26667 (RUBICONPR...)
1 4 147.75.84.158 54825 (PACKET)
2 185.255.84.151 200271 (IGUANE-)
2 18.194.200.250 16509 (AMAZON-02)
9 104.22.69.131 13335 (CLOUDFLAR...)
2 18.194.149.72 16509 (AMAZON-02)
13 52.210.70.148 16509 (AMAZON-02)
2 34.107.148.139 396982 (GOOGLE-CL...)
2 95.101.149.35 16625 (AKAMAI-AS)
2 19 104.18.39.155 13335 (CLOUDFLAR...)
2 10 51.89.9.254 16276 (OVH)
7 2a00:1450:400... 15169 (GOOGLE)
11 175.110.113.208 49981 (WORLDSTREAM)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 141.95.98.65 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 178.250.7.13 44788 (ASN-CRITE...)
10 2a00:1450:400... 15169 (GOOGLE)
45 2a00:1450:400... 15169 (GOOGLE)
4 4 23.56.202.187 16625 (AKAMAI-AS)
10 23.35.229.251 16625 (AKAMAI-AS)
10 52.223.40.198 16509 (AMAZON-02)
4 9 2a05:d018:d29... 16509 (AMAZON-02)
5 13 18.196.138.245 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 137.74.6.209 16276 (OVH)
3 3 96.46.183.20 7979 (SERVERS-COM)
1 175.110.113.216 49981 (WORLDSTREAM)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
13 33 172.217.18.98 15169 (GOOGLE)
1 3 35.244.159.8 15169 (GOOGLE)
7 11 69.173.144.138 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 54.239.33.159 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 52.46.128.147 16509 (AMAZON-02)
4 3.71.149.231 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
2 142.250.181.226 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 141.226.224.32 200478 (TABOOLA-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
4 4 178.250.1.9 44788 (ASN-CRITE...)
2 3 76.223.111.18 16509 (AMAZON-02)
2 3 35.204.158.49 396982 (GOOGLE-CL...)
2 54.247.148.218 16509 (AMAZON-02)
1 3 81.17.55.109 60781 (LEASEWEB-...)
1 2620:1ec:46::65 8075 (MICROSOFT...)
1 151.101.65.108 54113 (FASTLY)
1 3 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 3.76.148.198 16509 (AMAZON-02)
5 6 37.157.6.232 198622 (ADFORM)
1 99.84.88.2 16509 (AMAZON-02)
1 151.101.193.108 54113 (FASTLY)
1 184.30.20.22 16625 (AKAMAI-AS)
2 172.64.149.180 13335 (CLOUDFLAR...)
1 52.214.97.78 16509 (AMAZON-02)
3 184.30.16.195 16625 (AKAMAI-AS)
1 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 3.234.116.116 14618 (AMAZON-AES)
2 2 216.52.2.6 32475 (SINGLEHOP...)
2 216.52.2.16 32475 (SINGLEHOP...)
6 7 46.228.174.117 56396 (AMOBEE)
3 3 46.228.164.11 56396 (AMOBEE)
3 3 193.0.160.131 54312 (ROCKETFUEL)
1 69.166.1.35 27630 (AS-XFERNET)
1 1 18.211.6.208 14618 (AMAZON-AES)
2 52.28.250.143 16509 (AMAZON-02)
1 1 104.123.44.23 16625 (AKAMAI-AS)
1 8.2.110.24 46636 (NATCOWEB)
1 1 185.183.112.148 60350 (VP)
2 4 185.86.138.150 201081 (SMARTADSE...)
2 80.77.87.163 46636 (NATCOWEB)
1 1 185.255.84.153 200271 (IGUANE-)
1 141.95.32.72 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 72.251.241.204 32475 (SINGLEHOP...)
1 2 2.21.20.202 20940 (AKAMAI-ASN1)
3 5 151.101.194.49 54113 (FASTLY)
6 6 52.31.195.171 16509 (AMAZON-02)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 5 198.47.127.19 3257 (GTT-BACKB...)
1 8.43.72.98 26667 (RUBICONPR...)
1 13 34.247.233.198 16509 (AMAZON-02)
2 3 64.202.112.159 22075 (AS-OUTBRAIN)
2 2 54.158.55.205 14618 (AMAZON-AES)
1 1 54.146.97.31 14618 (AMAZON-AES)
1 8.18.47.7 398989 (DEEPINTENT)
2 2 64.74.236.127 22075 (AS-OUTBRAIN)
1 1 2.23.197.190 16625 (AKAMAI-AS)
2 2 208.93.169.131 46244 (WEBMD-IDC...)
1 1 124.146.215.42 2514 (INFOSPHER...)
19 198.47.127.205 62713 (AS-PUBMATIC)
1 2 52.209.147.201 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.147.123.103 14618 (AMAZON-AES)
1 2 138.201.8.249 24940 (HETZNER-AS)
2 8.2.108.175 46636 (NATCOWEB)
1 1 37.157.6.233 198622 (ADFORM)
3 185.64.190.81 62713 (AS-PUBMATIC)
1 1 35.214.239.140 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 15.235.15.221 16276 (OVH)
1 18.198.69.109 ()
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 82.145.213.8 39832 (NO-OPERA)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 35.186.193.173 15169 (GOOGLE)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 141.95.171.142 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
1 195.5.165.20 44968 (IPROM-AS)
1 1 35.186.154.107 396982 (GOOGLE-CL...)
1 1 134.122.57.34 14061 (DIGITALOC...)
2 2 98.98.134.241 21859 (ZEN-ECN)
614 123
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
16    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
18    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
3    162.210.196.208 (Clinton, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
4    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
5    2a02:26f0:3500:12::1730:179c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.adpushup.com
47    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
2    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
7    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
49    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
4    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
44    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
1    2600:9000:225b:5400:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
5    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
b1ab235c9506ba93b6c71fb19f8a7172.safeframe.googlesyndication.com
3262716b395e46bd391e32c00e9a6b1c.safeframe.googlesyndication.com
6    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
4    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
4    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
14    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
ams3-ib.adnxs.com
secure.adnxs.com
2    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
2    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    18.194.200.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
9    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
2    18.194.149.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-149-72.eu-central-1.compute.amazonaws.com
tlx.3lift.com
13    52.210.70.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
19    104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
10    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
7    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    175.110.113.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-208.hosted-by-worldstream.net
ad.vidverto.io
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d-1986575664913338571.ampproject.net
1    2600:9000:223c:5200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
10    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
45    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
10    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
9    2a05:d018:d29:3605:316a:16ef:4691:e00e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
13    18.196.138.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
3    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    175.110.113.216 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-216.hosted-by-worldstream.net
ad.vidver.to
1    2606:4700:e6::ac40:c526 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
33    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
adpushup-d.openx.net
us-u.openx.net
11    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
11    2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
9    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a02:26f0:480:f::213:7ed6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
2    54.247.148.218 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-148-218.eu-west-1.compute.amazonaws.com
match.360yield.com
ad.360yield.com
3    81.17.55.109 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
1    2620:1ec:46::65 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
3    2a02:26f0:480:22::1726:62d3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    3.76.148.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-148-198.eu-central-1.compute.amazonaws.com
pm.w55c.net
6    37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    99.84.88.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-2.muc50.r.cloudfront.net
public.servenobid.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    52.214.97.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-97-78.eu-west-1.compute.amazonaws.com
g2.gumgum.com
3    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:223f:3a00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    3.234.116.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-116-116.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
2    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    18.211.6.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-6-208.compute-1.amazonaws.com
ssp.disqus.com
2    52.28.250.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    104.123.44.23 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-123-44-23.deploy.static.akamaitechnologies.com
hbx.media.net
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
1    185.183.112.148 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
4    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    141.95.32.72 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-005.roqad.pl
wt.rqtrk.eu
1    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    2.21.20.202 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-202.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    52.31.195.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-195-171.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
5    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
13    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
3    64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    54.158.55.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-55-205.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.146.97.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-97-31.compute-1.amazonaws.com
sync.ipredictive.com
1    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    64.74.236.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    124.146.215.42 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
19    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    52.209.147.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-147-201.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.147.123.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-123-103.compute-1.amazonaws.com
a.audrte.com
2    138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de
sync.richaudience.com
2    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    35.214.239.140 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 140.239.214.35.bc.googleusercontent.com
csync.loopme.me
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
1    18.198.69.109 (None, )

ASN- ()
loada.exelator.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    141.95.171.142 (France)

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.186.154.107 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
99 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
b1ab235c9506ba93b6c71fb19f8a7172.safeframe.googlesyndication.com
3262716b395e46bd391e32c00e9a6b1c.safeframe.googlesyndication.com
970 KB
96 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1076
trc.taboola.com — Cisco Umbrella Rank: 674
vidstat.taboola.com — Cisco Umbrella Rank: 2913
am-trc-events.taboola.com — Cisco Umbrella Rank: 13572
images.taboola.com — Cisco Umbrella Rank: 1811
imprammp.taboola.com — Cisco Umbrella Rank: 13424
am-match.taboola.com — Cisco Umbrella Rank: 13561
wf.taboola.com — Cisco Umbrella Rank: 3138
am-vid-events.taboola.com — Cisco Umbrella Rank: 12698
vidstatb.taboola.com — Cisco Umbrella Rank: 5470
pips.taboola.com — Cisco Umbrella Rank: 1685
cds.taboola.com — Cisco Umbrella Rank: 2059
sync.taboola.com — Cisco Umbrella Rank: 1143
am-wf.taboola.com — Cisco Umbrella Rank: 14755
2 MB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
cm.g.doubleclick.net — Cisco Umbrella Rank: 259
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
707 KB
30 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 572
image6.pubmatic.com — Cisco Umbrella Rank: 869
simage2.pubmatic.com — Cisco Umbrella Rank: 896
image2.pubmatic.com — Cisco Umbrella Rank: 1056
simage4.pubmatic.com — Cisco Umbrella Rank: 1301
39 KB
30 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 981
fastlane.rubiconproject.com — Cisco Umbrella Rank: 557
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1188
eus.rubiconproject.com — Cisco Umbrella Rank: 656
pixel.rubiconproject.com — Cisco Umbrella Rank: 385
token.rubiconproject.com — Cisco Umbrella Rank: 662
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1232
64 KB
19 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 645
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
dsum.casalemedia.com — Cisco Umbrella Rank: 1573
13 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 279
cdn.adnxs.com — Cisco Umbrella Rank: 1903
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6339
acdn.adnxs.com — Cisco Umbrella Rank: 643
secure.adnxs.com — Cisco Umbrella Rank: 500
61 KB
16 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 399
328 KB
15 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1197
x.bidswitch.net — Cisco Umbrella Rank: 369
3 KB
15 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 455
bidder.criteo.com — Cisco Umbrella Rank: 866
mug.criteo.com — Cisco Umbrella Rank: 2500
dis.criteo.com — Cisco Umbrella Rank: 633
19 KB
14 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1688
usersync.gumgum.com — Cisco Umbrella Rank: 2138
5 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2661
public.servenobid.com — Cisco Umbrella Rank: 5257
9 KB
13 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490
ups.analytics.yahoo.com — Cisco Umbrella Rank: 352
5 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15734
e3.adpushup.com — Cisco Umbrella Rank: 18621
282 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
170 KB
11 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
243 KB
11 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 31959
211 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
3 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 799
2 KB
9 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6963
csync.smilewanted.com — Cisco Umbrella Rank: 3056
static.smilewanted.com — Cisco Umbrella Rank: 11944
17 KB
9 openx.net
rtb.openx.net — Cisco Umbrella Rank: 796
oajs.openx.net — Cisco Umbrella Rank: 1391
google-bidout-d.openx.net — Cisco Umbrella Rank: 1399
adpushup-d.openx.net — Cisco Umbrella Rank: 25659
us-u.openx.net — Cisco Umbrella Rank: 518
2 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106
s.amazon-adsystem.com — Cisco Umbrella Rank: 335
6 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58
imasdk.googleapis.com — Cisco Umbrella Rank: 521
129 KB
7 adform.net
c1.adform.net — Cisco Umbrella Rank: 660
dmp.adform.net — Cisco Umbrella Rank: 3578
cm.adform.net — Cisco Umbrella Rank: 1256
4 KB
7 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 906
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 730
3 KB
7 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 37628
sync.aralego.com — Cisco Umbrella Rank: 3214
4 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 632
3 KB
6 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1977
www.google-analytics.com — Cisco Umbrella Rank: 49
761 B
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 226
340 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1322
pixel.quantserve.com — Cisco Umbrella Rank: 1108
cms.quantserve.com — Cisco Umbrella Rank: 933
11 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 778
1 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 624
3 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 666
eb2.3lift.com — Cisco Umbrella Rank: 440
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2910
3 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 596
2 KB
4 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1071
ap.lijit.com — Cisco Umbrella Rank: 747
2 KB
4 bing.com
www.bing.com — Cisco Umbrella Rank: 76
c.bing.com — Cisco Umbrella Rank: 269
28 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 156
partner.googleadservices.com — Cisco Umbrella Rank: 1180
813 B
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1453
contextual.media.net — Cisco Umbrella Rank: 712
hbx.media.net — Cisco Umbrella Rank: 1338
11 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1027
478 B
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15983
42 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3243
pixel-eu.onaudience.com — Cisco Umbrella Rank: 15699
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 20565
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23515
897 B
3 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 886
1005 B
3 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3508
cs.admanmedia.com — Cisco Umbrella Rank: 1127
40 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 982
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 991
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 935
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1767
2 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1606
2 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4269
visitor.omnitagjs.com — Cisco Umbrella Rank: 1072
785 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 653
74 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 770
938 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5086
562 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1294
1 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3341
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2211
422 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 957
627 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 617
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 597
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 773
2 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 605
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1513
565 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 610
35 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1332
858 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 733
cdn.indexww.com — Cisco Umbrella Rank: 1763
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1052
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2383
ad.360yield.com — Cisco Umbrella Rank: 743
397 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
90 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1581
756 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 351
3 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 828
id5-sync.com — Cisco Umbrella Rank: 432
27 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 820
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27806
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 16086
c.statcounter.com — Cisco Umbrella Rank: 10633
15 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2801
555 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3221
642 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6242
279 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 24751
412 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3169
308 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5824
370 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1528
553 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3625
104 B
1 exelator.com
loada.exelator.com
93 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3456
439 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1063
225 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1207
699 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 628
774 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1148
44 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1099
465 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1661
423 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 10371
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1919
351 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2045
712 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1432
274 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1120
399 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2275
370 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1988
160 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5532
526 B
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4957
34 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1663
63 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 405
674 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 23946
3 KB
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 55771
155 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10548
258 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1255
635 B
1 ampproject.net
d-1986575664913338571.ampproject.net
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1537
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1891
3 KB
1 bg3.co
www.bg3.co — Cisco Umbrella Rank: 754565
static.bg3.co Failed
16 KB
614 111
Domain Requested by
49 pagead2.googlesyndication.com cdn.ampproject.org
www.bg3.co
ads.aralego.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
45 tpc.googlesyndication.com www.bg3.co
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
38 am-trc-events.taboola.com www.bg3.co
33 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
eus.rubiconproject.com
www.bg3.co
g2.gumgum.com
23 images.taboola.com www.bg3.co
18 securepubads.g.doubleclick.net 1 redirects www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
16 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
14 cdn.taboola.com www.bg3.co
cdn.taboola.com
13 usersync.gumgum.com 1 redirects g2.gumgum.com
ads.pubmatic.com
13 x.bidswitch.net 5 redirects imprammp.taboola.com
am-match.taboola.com
googleads.g.doubleclick.net
ssum-sec.casalemedia.com
g2.gumgum.com
13 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
11 www.google.com 2 redirects 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
11 s0.2mdn.net www.bg3.co
s0.2mdn.net
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
11 ad.vidverto.io www.bg3.co
ad.vidverto.io
10 image2.pubmatic.com ads.pubmatic.com
10 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 match.adsrvr.org www.bg3.co
imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
cdn.adpushup.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
10 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
10 googleads.g.doubleclick.net www.bg3.co
pagead2.googlesyndication.com
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
10 onetag-sys.com 2 redirects cdn.adpushup.com
ad.vidverto.io
www.bg3.co
public.servenobid.com
csync.smilewanted.com
9 simage2.pubmatic.com ads.pubmatic.com
9 fonts.gstatic.com fonts.googleapis.com
9 pr-bh.ybp.yahoo.com 4 redirects imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
9 ib.adnxs.com 4 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
8 e3.adpushup.com www.bg3.co
7 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
7 fonts.googleapis.com cdn.taboola.com
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 gum.criteo.com 2 redirects cdn.taboola.com
static.criteo.net
cdn.adpushup.com
6 match.prod.bidr.io 6 redirects
6 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
6 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 image6.pubmatic.com 2 redirects ads.pubmatic.com
5 sync-tm.everesttech.net 3 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 sync.1rx.io 5 redirects
5 c1.adform.net 4 redirects ads.pubmatic.com
5 htlb.casalemedia.com cdn.adpushup.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 creativecdn.com 4 redirects
4 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
4 dis.criteo.com 4 redirects
4 cms.quantserve.com 3 redirects googleads.g.doubleclick.net
4 region1.google-analytics.com cdn.ampproject.org
www.googletagmanager.com
4 ups.analytics.yahoo.com am-match.taboola.com
public.servenobid.com
ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 prebid.a-mo.net 1 redirects cdn.adpushup.com
4 rtb.openx.net cdn.adpushup.com
4 sync.aralego.com 2 redirects ads.aralego.com
4 trc.taboola.com cdn.taboola.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 simage4.pubmatic.com ads.pubmatic.com
3 sync.outbrain.com 2 redirects g2.gumgum.com
3 p.rfihub.com 3 redirects
3 ad.turn.com 3 redirects
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 ssum-sec.casalemedia.com public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
3 ams3-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
3 www.bing.com 1 redirects googleads.g.doubleclick.net
3 ssbsync.smartadserver.com 1 redirects googleads.g.doubleclick.net
public.servenobid.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 dsp.adfarm1.adition.com 3 redirects
3 ads.betweendigital.com 3 redirects
3 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 static.criteo.net securepubads.g.doubleclick.net
cdn.adpushup.com
static.criteo.net
3 ads.aralego.com 1 redirects ads.aralego.com
2 pixel-sync.sitescout.com 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 us.ck-ie.com csync.smilewanted.com
2 sync.richaudience.com 1 redirects csync.smilewanted.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 bh.contextweb.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ads.stickyadstv.com 1 redirects ssum-sec.casalemedia.com
2 secure.adnxs.com 2 redirects
2 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
2 cs.admanmedia.com ssbsync.smartadserver.com
g2.gumgum.com
2 match.sharethrough.com public.servenobid.com
csync.smilewanted.com
2 sync.targeting.unrulymedia.com 1 redirects public.servenobid.com
2 ap.lijit.com public.servenobid.com
csync.smilewanted.com
2 ce.lijit.com 2 redirects
2 pm.w55c.net 2 redirects
2 www.gstatic.com googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.google-analytics.com www.bg3.co
2 www.googleadservices.com 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 mug.criteo.com www.bg3.co
2 oajs.openx.net 1 redirects www.bg3.co
2 a.teads.tv cdn.adpushup.com
2 prebid.media.net cdn.adpushup.com
2 tlx.3lift.com cdn.adpushup.com
2 prebid.smilewanted.com cdn.adpushup.com
2 grid.bidswitch.net cdn.adpushup.com
2 hb-api.omnitagjs.com cdn.adpushup.com
2 fastlane.rubiconproject.com cdn.adpushup.com
2 prebid-server.rubiconproject.com cdn.adpushup.com
2 bidder.criteo.com cdn.adpushup.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 match.adsby.bidtheatre.com 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 green.erne.co 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 am-wf.taboola.com vidstat.taboola.com
1 pubmatic-match.dotomi.com
1 loada.exelator.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 csync.loopme.me 1 redirects
1 3262716b395e46bd391e32c00e9a6b1c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cm.adform.net 1 redirects
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 tg.socdm.com 1 redirects
1 ad.360yield.com g2.gumgum.com
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 us-u.openx.net 1 redirects
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 sync.taboola.com 1 redirects
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 visitor.omnitagjs.com 1 redirects
1 sync.adotmob.com 1 redirects
1 sync.admanmedia.com public.servenobid.com
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 static.smilewanted.com csync.smilewanted.com
1 js-sec.indexww.com cdn.adpushup.com
1 adpushup-d.openx.net cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 c.bing.com googleads.g.doubleclick.net
1 cdn.adnxs.com googleads.g.doubleclick.net
1 adsdk.microsoft.com googleads.g.doubleclick.net
1 match.360yield.com googleads.g.doubleclick.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 code.createjs.com s0.2mdn.net
1 b1ab235c9506ba93b6c71fb19f8a7172.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 stats.g.doubleclick.net cdn.ampproject.org
1 px.ads.linkedin.com eus.rubiconproject.com
1 vidstatb.taboola.com www.bg3.co
1 google-bidout-d.openx.net oa.openxcdn.net
1 amp.analytics-debugger.com cdn.ampproject.org
1 ad.vidver.to www.bg3.co
1 a4p.adpartner.pro 1 redirects
1 imasdk.googleapis.com ad.vidverto.io
1 pixel.quantserve.com www.bg3.co
1 imprammp.taboola.com vidstat.taboola.com
1 rules.quantcount.com secure.quantserve.com
1 d-1986575664913338571.ampproject.net cdn.ampproject.org
1 id5-sync.com cdn.id5-sync.com
1 secure.quantserve.com cdn.adpushup.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 static.bg3.co Failed www.bg3.co
614 187
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
cdn.adpushup.com
R3		 2023-08-23 -
2023-11-21		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
ad.vidverto.io
R3		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
tls.adobe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-08 -
2024-03-10		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 05		 2023-04-07 -
2024-04-01		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
r.bing.com
Microsoft RSA TLS CA 01		 2022-11-15 -
2023-11-15		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-08-07 -
2024-09-05		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh

This page contains 108 frames:

Primary Page: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Frame ID: 0AF868A0FCD3E4E5F79AD8D055B112AC
Requests: 233 HTTP requests in this frame

Frame: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6B65F879F972A7B76142A972EA269980
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6jyNFqtD8NXFC8QKhtlstLDs3ry5oYGEUooH9NxXHvexpAQLXXYKk4STE3eL0RYLEIHAgp9r5OYWdVfYarObgXe1sYD6T_JXIr5dUrMJxDvTAlJgZVVrd4NBylrGm-bTYBbIgUX3kYZFVIPHvKSStmBjR9d4qHwozbK4Y4TR9NdUGKXB3X2vyE2jC4CS5w5BxrxyEek7qBuQpDzKvtP63jWEQKuzazJoYgMfiyx45pRGv2nFEFwto8q_DXG0b3_EOb9fHOoIjkipdix-rn9JPuDbb3jmq4tSuc2jUUKPrdmJOXeMUjv7XkXO0hPtZ9lqpVHUj&sai=AMfl-YRE6AueNNv4lqCZmAHszcsWYKmx5dKUi0n0Wv3KelJ6FK4Hsf0Far-UYNgIFSNtYfJib3oRIFR2QczQAdyooB7E2hcZvXh0VA7MfvcBppDS3pECzoT8tC1iFSi9dxF1eH6BjL59wi_35ARr7gQ&sig=Cg0ArKJSzN8joOo3iQZLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E9A7EE4E52A5B9B1B949BBCFEAB09196
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Frame ID: 4F20F65E42B78DBF53997BB9B5F3F548
Requests: 2 HTTP requests in this frame

Frame: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EF0B48E0EE4D7D7DCCB49DFCB06E085E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY1dfx9AEwAQ&v=APEucNVMJ_bSGBDyJoj8nmKhJdtxsvhXmRGY15kWHH4FFIgjUJ37m9hwA1LiWiuCEuoRVXggOyknYDoHfmoSAbfbfr7AX6TvR4_BWvHY8hYdynLiTzlNdwrGVie9PZu4GH3gVK3P8pb0SoEJOCLPcSEHeaF7Ru-Xoq1XWUJMmXTbX0wRem6gg8kwAcfEfsBbxYWj4biSTNBKAItJM_Uq-YXGDc-K3wgElQ
Frame ID: FB2288A812E0DE6A15224180EF007050
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 07CF5321FADF560CD9EBCC59D2C30BB1
Requests: 14 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 2CAB3180A3D351212AE56BD46CDF185E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 5DE6FADD7B318B1ED4C4D947F251ED2F
Requests: 11 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&cmcv=&pix=undefined&cb=1694129495385&uv=3334&tms=1694129495385&abt=adxLoadDist5-out_vF!nonrv_vA!t45!testmsn_vB!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=131faca3-f1f8-4fe1-9546-25cb4deee670&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 561D5CF0448B795FA88B3A349AB7DA68
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F5B7B64C5B5E96A947437FDA3CBE08AF
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: CB6FC4C04B9700EF2AEF12ECF0ADD504
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: AF029733A3A150AD71F33F2D2389A4CB
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: BA242946E6E75B90E7FC438E02FBFDCC
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: BB9F70EFA0D85DE9AC7F867556205455
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 677653620F5181C85CB8594CFFD11BF6
Requests: 4 HTTP requests in this frame

Frame: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F87C359E07B56F0B41F766BC280845FD
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 9F9436F5FFD99E75DC548011584ACA95
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/index.html
Frame ID: 24C8A720FBDEF2D8E494619D4B8681F2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DF03E8F0909B73EBFD9F414F7E6133A3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: 7B74C8B010B0DBE888DAD534CDB9C2B1
Requests: 1 HTTP requests in this frame

Frame: https://b1ab235c9506ba93b6c71fb19f8a7172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E86F71C6E0D02B46392D119B4CC12C24
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
Frame ID: B8A83F949A42C0638345A04FC7917342
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Frame ID: 175822B25D4345C6362A798B30B4CC11
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 06643FFD3B6EFBB961160F56E06D47A8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Frame ID: BF8FE92C8F0D0E9D912440C22F11CFF9
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3967F97E72DD1FD79A7377C095788B75
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EB702F598A68A70DCD8CFF3779A1AE1B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B68638D8A5172221950B1390B7C5170
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 5F1FCF7E2343B326CF2A0F9C05C9325D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A150C8E1CABD93A3BD4E0D88B215827F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: F4CCB8407D04D3D407939A53DF62F8C0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Frame ID: E82CE0AFBE8BD6522835B83BCA7F70DC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 83CDADDCCA70001AEBBF0395EA0F245C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 57E91490BAB64E05779ED0E619BC04BD
Requests: 2 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 52E3B3BAD10B01FF83A13E0D0FC060F3
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D5E96983F344749E448FB5A8E65ADFFF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD091767D0AF39E2DEA909E79C426490
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CAE36C2C19888D7F71BAF66780825153
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9FB97C77EEB6975DDD7655E8B827D4E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EA4F84E9E274BF23FA4F9E9E90F33311
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 567E9E4BB08D536D13E8C230C2A4A13C
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: C4D42BA4B94E39B84A6B978BC06D5505
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B2E3FD2FAA6B17CF19CF59B7F9F911F0
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 63DE16E46033CE95DB1AEC0E6CB44188
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: DA42E580E1E6DBE21D64503B619BDDFF
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 8A886A7E49D915F2885D98553BC9413C
Requests: 1 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd
Frame ID: 168620376AF2E43DB0A2DA039F977CDF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1694129495210
Frame ID: 14ED32F00E837CF12647CC8E7C52F031
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 805D23B10DD394E1E012CCEB8EB9A134
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5D807BA62A7C3CDCCBBD35AACA1E55FD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7A76CFE03B3CECF2030F2483B3E2D6C3
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 554055C471B8CB20E1D87CF167B990EE
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: CA08B09496C69356097BE88C9A42B0D0
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 30534D4E9A3759B41375F479A9A4058F
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 4CBC4F1996C3DAE28BE629E433807C0B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 7E3F493AD6E3CF0A0297685D13461690
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: A985443E52530AD36D57AAD1658D3C87
Requests: 22 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: F2411FD01F27AC229CE5957F22C448FF
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 2A89F07EAC86701E8131A68A7AE21B56
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 9084239A073A64322B57BBB27B6E2A85
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 257C424C05E70AD4D290C1A8E53958F1
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 3215E6C284A5F37210DF59D04A7F23C5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 766036C1F48B6FE243B6109748583888
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZPpdWgAOncThHABY&gdpr=0&gdpr_consent=&_test=ZPpdWgAOncThHABY
Frame ID: 2C331807A9C0775707EC0A261185A5C5
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ZDJmMTNmMy1jZjljLTQ0MzItOGQ3My04ZmQ3MjJlNzdkYWI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: EFF15657BBE680FA4CC09096E8608E10
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 8285538AC0CA2C7A5E13D9782BD0EABE
Requests: 5 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: CC93103F966066CF589D3F08ACBE3C14
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZPpdW8Co8XwAALBbAXMAAAAA
Frame ID: 8B21C218322DA16FE2327612875ADF96
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 4185B1B1D4A6A7DAD9ACDE04844BC746
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=2mYy9MbVjkLho1MaObdH&pi=gumgum&tc=1
Frame ID: EB1D339395B5663BF666F5928914A045
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 897025FCB5886E0079F2FDE914E0EC68
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: A65570818183F1FC6112ACE5F0B475A5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 541F8B01AFBC8C92D3B7EEB00F8DF69D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 74B11CAA73994E53BAD1A5460B42D6C5
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 155204B3AA2A0B0AB2BCDC6F0F9D3497
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=28B6492E-5EA6-422D-8273-13906E0D69FF&redir=true&gdpr=0&gdpr_consent=
Frame ID: 6D82E724C045D9D0FA9051794C63D4CD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OnEKpDkhWfIhcg70OnxB8zh2CqAhcQ6nNSClvCLY
Frame ID: 6E4B31D72389EC7DA585E36065BFE037
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=28B6492E-5EA6-422D-8273-13906E0D69FF
Frame ID: AF9A9A84A04C3B2AE0E5158E60CF2EF8
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 18D947BF85BF60AB8D25C14A47AC9B46
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
Frame ID: 9E8AF3DEE8BB0F4973B046ABBBB997E7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/97eea2f0-7093-53fb-bd1b-5e3bd9e10363
Frame ID: 5D02116AC833E685CA86785B510DE27D
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 63E8682ECD0E1C0DBBCADC48F6BBF48C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/1733739090128167800
Frame ID: 33085409E62CDE04E88A42733D57C701
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/8310279cf12a4acb628b2a19c4ba7d6?gdpr_consent=&gdpr=0
Frame ID: 1FBD872019A44560D829FD3609F35F8C
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 37EA63DB1292B3DAEF2709566830CDE3
Requests: 1 HTTP requests in this frame

Frame: https://3262716b395e46bd391e32c00e9a6b1c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 52A21BCAE7FBB4EFA063F42D93919928
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: EFD926A78E21CF2929AAE41C57C9DC9F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2626745A178EA38E5BF853806EA303C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 475962C8252D0E1AE3489CCA342A84C9
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
Frame ID: 460E3B0D840ED8B7F6B932306D1642F8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3572860629678642372&gdpr=0&gdpr_consent=
Frame ID: EB1EC9482BB09A71990E18E5B4321618
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KIQCOuOnXadA3vHChOu4h4rHJoU&gdpr=0&gdpr_consent=
Frame ID: 8B4264ED218FB4A9BF1CAA6DD8371110
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276230784805632146&gdpr=0&gdpr_consent=
Frame ID: BB21CDE6A7AE9562E5EC6942532C440B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 20626EB21C8BC58C3E8B8689A9EBD512
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F44DCC3BE1EB1F93FA4790F534944F1B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: F06A70724954815CB35DFCFCC6CDCD17
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFCXE7J9LsAABSEx-088g&gdpr=0&gdpr_consent=
Frame ID: 2A5537C1CE38450B3593777DB8685B03
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=28B6492E-5EA6-422D-8273-13906E0D69FF
Frame ID: 819AE3C032154495E3096844E2C25B43
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU35d419bc8c974de7ac1e3822d664f2a9
Frame ID: C1FC012ACD85643D7ACA2AE7B8178A82
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725121148145
Frame ID: 7A7F8C621E9A4651A8552546881ED453
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4877306777300480605
Frame ID: 71F966D9B6DA0334E8F7C4041D85C1F6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 5B348DE83A3AC57B0DD77596AEB050C7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
Frame ID: 09EE573222E8B740A0CA65A01C323740
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMVXngjRaUVWTUaVT&gdpr=0&gdpr_consent=
Frame ID: AFF6E1DE8A8F3A6C411BC14D9AAF4E5B
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: F1EF14961BE0312B0F5FFCB3155DA7ED
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=b59ggo74bghr
Frame ID: EF57EBFCC285C3B9CA328C50A20386E9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=28B6492E-5EA6-422D-8273-13906E0D69FF
Frame ID: F2A1E326D1E5AD2E95E7C7D80EA0168C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

在家擁抱陌生人年賺170萬 金髮妹贊「完美工作」傳遞獨特能量 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

614
Requests

85 %
HTTPS

27 %
IPv6

111
Domains

187
Subdomains

123
IPs

16
Countries

6232 kB
Transfer

16147 kB
Size

157
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 152
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&rid=esp&cc=1
Request Chain 178
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=54cpVnxMSTFrQzhldDJraGEyaGp4SGxrYXkyUEgybVdtbm8zRit6dXM1bnZ4MHlnZ2VHS0VjTzJDaldQN0lTM0xTdHRhaXZJUFZ1aWxRb2JreklQSy9WR2VIRjdETjBhWmw1dXZrakpGTGl0SFVIUW50dHVpemJQWUF5Uk52NUVhamtWNG9JWVhtVmtxNzN6REtuM1NXYS8rMTdJWFljOXpDWnFiVkV2TVJsUW1KZlJPZEpEcDRYS203SmZqZ2xicmdackNyNEVrWWM3djZ2UGt5dEhkcFJPSXZjYVpHK05RbVFYQzVNY21MWUZDM2VMMGxsR01kZjNDUVo2Y1FRenF2aXNML1M4bnp6bWhtTjdndUthS0ZQbGVGUT09fA&cppv=2
Request Chain 192
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 193
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 225
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3Dd54551e7-fb5e-48ea-80ab-e929c889c9fe%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=d54551e7-fb5e-48ea-80ab-e929c889c9fe&p_id=23
Request Chain 226
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=d54551e7-fb5e-48ea-80ab-e929c889c9fe&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=d54551e7-fb5e-48ea-80ab-e929c889c9fe&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=2295386032929014839 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=97eea2f0-7093-53fb-bd1b-5e3bd9e10363&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=37127951-af8f-4ea3-84f4-b623c8bdbfe0&p_id=15
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEPLOI9ONInG_XQTkRPYxk&google_cver=1
Request Chain 234
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPpdV4YSjHrx9Y-tzH4ncgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEPLOI9ONInG_XQTkRPYxk&google_cver=1
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELKXfQDckiwWbXbjgNkQOsY&google_cver=1
Request Chain 236
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU3Mjg2MDYyOTY3ODY0MjM3Mg%3D%3D
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJO6EDZOzO49VKAFzJ_iIxI&google_cver=1
Request Chain 255
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE05U1lLSEQtVC1JVkQw HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOyC5oDAaAX88oLFHyLOVvo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05U1lLSEQtVC1JVkQw&google_push=
Request Chain 256
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/GmY1Wf2mrIp6IrtiBeYJWg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VtRww71E2oKsAs5GldD.rs0KNCoNy.yJE9musQ--~A
Request Chain 258
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhjMTViMWZkOThiNWQwYzNlNTMxMWM4NDU1NzYzMDQyZjFlMjk4YQ
Request Chain 259
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DOo797J-RJ6r8cX9Ze07Cg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DOo797J-RJ6r8cX9Ze07Cg
Request Chain 260
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM9SYKHD-T-IVD0
Request Chain 261
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qUIB9QEYTraTt1F3G9U_TA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qUIB9QEYTraTt1F3G9U_TA
Request Chain 284
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CgSg-V136ZPm6FYPB9u8P2uK-8AK1ssrtcrOIvrv4EfG4tLOUHRABILqEwDNgldqIgpgHoAHjn-XNA8gBCakCRwA480jysT7gAgCoAwHIA0iqBPsCT9Bfn1yXs4SlzqcTXm0EwKRnp0G2p9XroggVXepUkIPdAJ90iHaWVq5HUQFrC3CbcgY7TziZuBd5MsS1IZN1x8U4blS3m267q8kGiv5ThMmOQrWOVlgxRqy_X9VDWNMwoXI451LqG87uQ296HqDXoCdz046PRvh6xHXADpHGK-M8RGkYLaqBOafNf5Q5rCi6rsRATWSNkyHlSvXUsKAIm1Nw0KqI27m-ulD3aO0m6BzwHY8oUQ6OpRU9HziGG7RT2g94Jr0NmNIG-Gh6YB8pByIG2UGMlbqr-hUlh2I_E688F7hqpj4qTlXQ2rfJMFED2KEWpldL40FkoaQlZIwuQCw_7yMJgk9rU7uH1pBHvjERh6wHEOvw2MioDDiVtqe_inn8FA-G87AvW9oc-cN_aDabQLzH93V2Dhi3WA6yhLgBjnTBWOiPS34FwL9A35_TTtfFJkBf9Y9K8tEaIiL6Tn8PdBtdc5KSr1Iz9B0C4Ow5BiXypmbhAPCT1MAE0K_GgNAE4AQBiAWdgZm9TKAGLoAH7LbxAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELrTC9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCaCUFodHRwczovL3d3dy5ib3R0LmRlL3VudGVybmVobWVuL3ZlcmFuc3RhbHR1bmdlbi9kZXV0c2NobGFuZC9tb3Rla4AKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0xMzI1MzQwNDI5ODIzNTAyGMqrHg&sigh=24kEavy2tsY&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWb_sVIcyiFBUqZfUsLvSXSJNhABAh6uBx2L7JiyPfyJA7Vx-fHEraDZH5o3rlbFbFsGrulp89GAE&template_id=419&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228275433126865997800%22,%22debug_reporting%22:true,%22destination%22:%22https://bott.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968445923%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217489153077985603921%22}&andc=true
Request Chain 309
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 313
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 364
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECuc7BRG9KWVz-TheJs1Fbs&google_cver=1&google_push=AXcoOmQyP0QqeY34cLrW7gVNsdB_WBsvqy4pIL4SUsRA8sob14sr59QxZR0CajOoaUdl30ZENYnKDi3t5P1IVpvm_ehisHlZe1sR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjIzMDc4NDgwNTYzMjE0Ng%3D%3D&google_push=AXcoOmQyP0QqeY34cLrW7gVNsdB_WBsvqy4pIL4SUsRA8sob14sr59QxZR0CajOoaUdl30ZENYnKDi3t5P1IVpvm_ehisHlZe1sR
Request Chain 366
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP531E_LKdG_6sdt-noYk6w&google_cver=1&google_push=AXcoOmRjfYEKpG8Lm7nw-jsMLJYt0SlUmLZJ7_n6yGvHdFjKRdxkzbj8yp3PgXQI1zrqPBfdAt0XN4S-OAw3DnDgC-DWN35kBlSM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRjfYEKpG8Lm7nw-jsMLJYt0SlUmLZJ7_n6yGvHdFjKRdxkzbj8yp3PgXQI1zrqPBfdAt0XN4S-OAw3DnDgC-DWN35kBlSM&google_hm=eS1kdGJFQzB0RTJwRVMuSlJKLmpsVDNvakE1YnRwWEM3V35B
Request Chain 367
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQTok7yw2vQMaGJPFzEYTm-uA8l4C1ZC_PXkuUzURWdRpJC6EhXjoxLjmu5cse8SSvYYhed478RYEqoNPmvurJVGQZZp4U&google_gid=CAESEFww2hD9rvsqg0DjUbsU4OM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmQTok7yw2vQMaGJPFzEYTm-uA8l4C1ZC_PXkuUzURWdRpJC6EhXjoxLjmu5cse8SSvYYhed478RYEqoNPmvurJVGQZZp4U
Request Chain 368
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB1Fycn2necso65Nna0hVds&google_cver=1&google_push=AXcoOmR4Q8Hhem5Bk7m0ytfieLJ0be1eDZapEVlHeN4Cyce40_7kTvTh1LuMy4aHH0WB_138LZHJSCJdd3Gbng_ppShQVmly4GXd HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmR4Q8Hhem5Bk7m0ytfieLJ0be1eDZapEVlHeN4Cyce40_7kTvTh1LuMy4aHH0WB_138LZHJSCJdd3Gbng_ppShQVmly4GXd&google_gid=CAESEB1Fycn2necso65Nna0hVds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc4MDQ3ODUzNjI3MDI4MDY0Mjcy&google_push=AXcoOmR4Q8Hhem5Bk7m0ytfieLJ0be1eDZapEVlHeN4Cyce40_7kTvTh1LuMy4aHH0WB_138LZHJSCJdd3Gbng_ppShQVmly4GXd
Request Chain 369
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEANIc7c8MaDKEaAObEZjz3g&google_cver=1&google_push=AXcoOmTcAfHueuui4bF__Qu-lz19eKhEP-FoPVbyT4Y6cG8f4nnR2HaDhqklcn_s2LPp66RXKcOgMVQfp6Tc594LL6eX5JV4h8KbQg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTcAfHueuui4bF__Qu-lz19eKhEP-FoPVbyT4Y6cG8f4nnR2HaDhqklcn_s2LPp66RXKcOgMVQfp6Tc594LL6eX5JV4h8KbQg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 380
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOjp1kCHYWYE52kQHFsvYHo&google_cver=1&google_push=AXcoOmS_Mqda3y34z80-wvd6f6gD3NaHF1uUfbTOwRvlbalQmQlIv09xNg89sS5o48LYXVKDcaXGK4ANRHA-UPgVGaHZ_e3B3-TH HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmS_Mqda3y34z80-wvd6f6gD3NaHF1uUfbTOwRvlbalQmQlIv09xNg89sS5o48LYXVKDcaXGK4ANRHA-UPgVGaHZ_e3B3-TH&google_hm=MStVEQDVmaBIgEtacg6byA
Request Chain 381
  • https://um.simpli.fi/gp_match?google_gid=CAESEGiw1GXB23LQ8x8IujyaCiI&google_cver=1&google_push=AXcoOmRoS1kVFJOPuaAqm7r_eMtOWzuOoHg3m4E7rcHRoA-29h4Pyb07-83v3H007DPssUrPtNq7MfTnPHkz7EQNGDE6PRDfpjSi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1A3B2A862ED443DC9C59B85BA9D3FFE3&google_push=AXcoOmRoS1kVFJOPuaAqm7r_eMtOWzuOoHg3m4E7rcHRoA-29h4Pyb07-83v3H007DPssUrPtNq7MfTnPHkz7EQNGDE6PRDfpjSi
Request Chain 383
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRDW3HQa7C-sXd6SOt8465gPu_FLD8IAFbyMau_WJcl0GOLObYn60RsIshIgzub86wKpZ4llL6e1l5AOH9p9DIYGBB-JKhO&google_gid=CAESEFww2hD9rvsqg0DjUbsU4OM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmRDW3HQa7C-sXd6SOt8465gPu_FLD8IAFbyMau_WJcl0GOLObYn60RsIshIgzub86wKpZ4llL6e1l5AOH9p9DIYGBB-JKhO
Request Chain 386
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEANIc7c8MaDKEaAObEZjz3g&google_cver=1&google_push=AXcoOmRl7Df3s4Lp4glu_43g8Cn8RriAK5scwoCWP0WyQ3ssMxyK0nneuEejyFrkiTLMfrAZE8ZJj-UCM1f7XxLDVADYA5NsD-9ggA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRl7Df3s4Lp4glu_43g8Cn8RriAK5scwoCWP0WyQ3ssMxyK0nneuEejyFrkiTLMfrAZE8ZJj-UCM1f7XxLDVADYA5NsD-9ggA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 407
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=137cef91-0fa3-4833-9d3d-533b2b998e86&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=3852cb4d-0b4d-47d5-907c-70d3c792b846&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D92493dbf34a747a396b55d691e520865%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_vqflaphey&aid=5047653283956548192 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=92493dbf34a747a396b55d691e520865&SNR=1&GV=2&med=10
Request Chain 425
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOvWXkfTvTyF5qCaGk_yhts&google_cver=1&google_push=AXcoOmTjVgfJsX12UAWDPyCx2sL9KH1Bw0fyGOCNoOrAEoIIsujYNXNMyAZR2Rw1T6ljZ6YT3h1qWFYdB0pFZB5MUVWECsHmY6CpEEKl HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOvWXkfTvTyF5qCaGk_yhts&google_cver=1&google_push=AXcoOmTjVgfJsX12UAWDPyCx2sL9KH1Bw0fyGOCNoOrAEoIIsujYNXNMyAZR2Rw1T6ljZ6YT3h1qWFYdB0pFZB5MUVWECsHmY6CpEEKl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTgyWUdTWTMxUUVvdGo1&google_gid=CAESEOvWXkfTvTyF5qCaGk_yhts&google_cver=1&google_push=AXcoOmTjVgfJsX12UAWDPyCx2sL9KH1Bw0fyGOCNoOrAEoIIsujYNXNMyAZR2Rw1T6ljZ6YT3h1qWFYdB0pFZB5MUVWECsHmY6CpEEKl
Request Chain 426
  • https://um.simpli.fi/gp_match?google_gid=CAESEGiw1GXB23LQ8x8IujyaCiI&google_cver=1&google_push=AXcoOmQcEQJYC_9KYHVqhHWvS4cRG9Ou_QJqDcSG_0f4NiJL3Vx76M47LjsuQeZrLIRJEPrGLIh71-UdMAcXzdbRAbn5gyXlc6057Bk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1A3B2A862ED443DC9C59B85BA9D3FFE3&google_push=AXcoOmQcEQJYC_9KYHVqhHWvS4cRG9Ou_QJqDcSG_0f4NiJL3Vx76M47LjsuQeZrLIRJEPrGLIh71-UdMAcXzdbRAbn5gyXlc6057Bk
Request Chain 427
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECuc7BRG9KWVz-TheJs1Fbs&google_cver=1&google_push=AXcoOmTD7sa6gFYjjWQ1-zPBzRZ76SncdHKvItavwXOwe8kEuc4rUPdi-hq9evSCN3J5wm8l2hSkvx5cga6lm-dknjMRIqg1OoCZjDCd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjIzMDc4NDgwNTYzMjE0Ng%3D%3D&google_push=AXcoOmTD7sa6gFYjjWQ1-zPBzRZ76SncdHKvItavwXOwe8kEuc4rUPdi-hq9evSCN3J5wm8l2hSkvx5cga6lm-dknjMRIqg1OoCZjDCd
Request Chain 429
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP531E_LKdG_6sdt-noYk6w&google_cver=1&google_push=AXcoOmTmTBIJFtnz4FRMRiQjQWp-pCdGvyWsEytwTgp8Dah_sugPiA6PKm5BIc5GKgltgitqbP4u-uth0G65s96LAm70I6MDS0FAozSN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmTBIJFtnz4FRMRiQjQWp-pCdGvyWsEytwTgp8Dah_sugPiA6PKm5BIc5GKgltgitqbP4u-uth0G65s96LAm70I6MDS0FAozSN&google_hm=eS1kdGJFQzB0RTJwRVMuSlJKLmpsVDNvakE1YnRwWEM3V35B
Request Chain 430
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmToCgKZLBbSczbGfQ_9HkolMXhmPTLMySJd6BdxO8oLeTCnYSbVAjeZjPUJDO-922LR6R1DP2pQuAHLnhpWV4OB4lHb243QLkNT&google_gid=CAESEFww2hD9rvsqg0DjUbsU4OM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmToCgKZLBbSczbGfQ_9HkolMXhmPTLMySJd6BdxO8oLeTCnYSbVAjeZjPUJDO-922LR6R1DP2pQuAHLnhpWV4OB4lHb243QLkNT
Request Chain 431
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECeW7CJQ1XaX0npVAwMZ6LI&google_cver=1&google_push=AXcoOmS5aNo-Eyx-Fe7MPFXjUj6Xy-Wu8dKso6GwLn3qdVcEZgQ2Ve2amVUnQS8VUSQ_QLuSatJFtv0nFUcPllm0hOAMmNP3FGNC4zM HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECeW7CJQ1XaX0npVAwMZ6LI&google_cver=1&google_push=AXcoOmS5aNo-Eyx-Fe7MPFXjUj6Xy-Wu8dKso6GwLn3qdVcEZgQ2Ve2amVUnQS8VUSQ_QLuSatJFtv0nFUcPllm0hOAMmNP3FGNC4zM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTczMzczOTA5MDEyODE2NzgwMA&google_push=AXcoOmS5aNo-Eyx-Fe7MPFXjUj6Xy-Wu8dKso6GwLn3qdVcEZgQ2Ve2amVUnQS8VUSQ_QLuSatJFtv0nFUcPllm0hOAMmNP3FGNC4zM
Request Chain 446
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=1OS7G19Fa2hmbGZ5VmxNdDB2cFRYMm1sTlllNnY1dlBocUlFbVB0ZmpTJTJCenEzM3hiTyUyRmRiUVJzdjVZV0RGMmJtN0JwU1R0MkpCMVlGOTYwcmJsNnZKdyUyRjNTNnluSWtFUzFGV3NQRmFuQUgzUlJRRVBqR2h6UmJ2R0NxcmhwYlNrZ1lvV0x4TDF5M3N2S1FuUlhRdGR0SWUwQXclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=aEGPTHwzU3k0K0VEdWVxYkhvL0V4cmQ1dUk5clNtVWVUQkRDdWVWUTR6U1ZrY2YzT1pGRUNVTVU1NEZXQTB3dVBPZDZRb01XclR1R05UMUlkaXRDelpTUUk4MnJoeFphMWVPWlMzZUVuUFZwU3pCeUpFT09oenpXa3R0RGRzaDVvdWsvMnkvamwvejhkNXFUSHJCWjAvc0lDNytuV1NyOFNmWEthSkRxbllmcy9ySXIvWEZSMDdwZXc3bDhTRGxCNnBIZUdWMzVRcmJuZ1NpMDBqcHJ3ekI5MExNZUx4cVlLT0h5ZVBienRjK09sWTBVL3dLRS9SRTcrSWRsZjg0dFhBN3ZjM0RrcHYxWSsxK3hFM25EajdlUWdnZz09fA&cppv=2
Request Chain 471
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 476
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3572860629678642372
Request Chain 477
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HSKjqRZHiwqErkirRbG4O-ZU
Request Chain 479
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1694129498460 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6943882541 HTTP 302
  • https://sync.1rx.io/usersync/turn/2607227653098436665?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
Request Chain 480
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5142336725121148145
Request Chain 482
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 484
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-2655afde-901b-3cc2-8da9-36e761a51802
Request Chain 487
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 491
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09892204009609dc57dd879c&gdpr=0&gdpr_consent=
Request Chain 493
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=c1c36605936ea024411bc75398341792&gdpr=0&gdpr_consent=0
Request Chain 494
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4675748140497970013&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 498
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPpdV4YSjHrx9Y_tzH4ncgAADLsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENqqLPhvW7bc73bHivb41Y8&google_cver=1
Request Chain 501
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZPpdV4YSjHrx9Y-tzH4ncgAA%263259&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8bb7a736-45d4-4158-94b2-130759ce91a7-tuctbf3e2da
Request Chain 503
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1733739090128167800&expiration=1695339098
Request Chain 506
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3572860629678642372
Request Chain 508
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZPpdWgAAApCUOQA_
Request Chain 509
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFCXE7J9LsAABSEx-088g&expiration=1695339098
Request Chain 510
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZPpdV4YSjHrx9Y-tzH4ncgAA%263259 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZPpdV4YSjHrx9Y-tzH4ncgAA%263259&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=GO0b8QcSlc8qj7wsEJXn&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZPpdV4YSjHrx9Y-tzH4ncgAA%263259&tc=1
Request Chain 511
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709854298&external_user_id=2d3e8207-cb56-40b8-bda1-a044019df1e6
Request Chain 513
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3572860629678642372
Request Chain 519
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3572860629678642372
Request Chain 520
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=65ekLOjH93rwlKB865rve-mQpCjwl6Av5Mbq-bBH
Request Chain 521
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%280uZuSOsH3-MpKlPs8s3IKLRqTjeNVQ6r2bC-vhNCGdRD4n0HVxKKNHjQryjvku7U%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%280uZuSOsH3-MpKlPs8s3IKLRqTjeNVQ6r2bC-vhNCGdRD4n0HVxKKNHjQryjvku7U%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab&obuid=ENC(0uZuSOsH3-MpKlPs8s3IKLRqTjeNVQ6r2bC-vhNCGdRD4n0HVxKKNHjQryjvku7U)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 522
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e0b12450-3a1f-4716-9c41-8509f365b41b
Request Chain 523
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2884023a-e3a7-5da7-40de-f1c284ebb887$ip$138.199.38.133
Request Chain 524
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-JIZG0g1E2pe9FOAmFgxi_SN_ic5E6ca55ZPP~A
Request Chain 525
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=6964e0f5-6bbf-455d-b9e6-f5726177da0a
Request Chain 527
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=N9JmkYzpgSaJabWXDErs&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TRZJJWWWWL2OBTVGYKKMFRFOWCEIVZHGJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TRZJJWWWWL2OBTVGYKKMFRFOWCEIVZHGJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=N9JmkYzpgSaJabWXDErs&us_privacy=1---
Request Chain 529
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=TwT4weuO7v17&ev=1&pid=558355
Request Chain 530
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4675748140497970013
Request Chain 532
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPpdWgAOncThHABY HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPpdWgAOncThHABY&gdpr=0&gdpr_consent=&_test=ZPpdWgAOncThHABY
Request Chain 536
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPpdW8Co8XwAALBbAXMAAAAA
Request Chain 538
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=2mYy9MbVjkLho1MaObdH&pi=gumgum&tc=1
Request Chain 539
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 543
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 544
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 545
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 547
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OnEKpDkhWfIhcg70OnxB8zh2CqAhcQ6nNSClvCLY
Request Chain 549
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KLZJLl6mQi2CcxOQbg1p_w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 551
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1662117902 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=28B6492E-5EA6-422D-8273-13906E0D69FF
Request Chain 552
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=28B6492E-5EA6-422D-8273-13906E0D69FF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDQ2OU5naFdIcUZUZGlhdngxZjdOLWF4QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1733739090128167800&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 553
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjhCNjQ5MkUtNUVBNi00MjJELTgyNzMtMTM5MDZFMEQ2OUZG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 554
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBeFBqqczCyGHtG3bMUxsfQ&google_cver=1
Request Chain 557
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1733739090128167800
Request Chain 560
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 564
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4597388745 HTTP 302
  • https://sync.1rx.io/usersync/turn/2679285247136364601?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-b4a7560b-0320-4864-b124-6d95688a1d0d-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
Request Chain 565
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/97eea2f0-7093-53fb-bd1b-5e3bd9e10363
Request Chain 572
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1733739090128167800
Request Chain 573
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/8310279cf12a4acb628b2a19c4ba7d6?gdpr_consent=&gdpr=0
Request Chain 590
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3572860629678642372&gdpr=0&gdpr_consent=
Request Chain 591
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KIQCOuOnXadA3vHChOu4h4rHJoU&gdpr=0&gdpr_consent=
Request Chain 592
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276230784805632146&gdpr=0&gdpr_consent=
Request Chain 595
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 596
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGQ1hFN0o5THNBQUJTRXgtMDg4Zw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFCXE7J9LsAABSEx-088g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4675748140497970013&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAFCXE7J9LsAABSEx-088g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4675748140497970013%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4675748140497970013&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFCXE7J9LsAABSEx-088g&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFCXE7J9LsAABSEx-088g&gdpr=0&gdpr_consent=
Request Chain 599
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=28B6492E-5EA6-422D-8273-13906E0D69FF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=28B6492E-5EA6-422D-8273-13906E0D69FF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 600
  • https://pixel.onaudience.com/?partner=214&mapped=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
Request Chain 601
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336725121148145&expires=30&ssp=pubmatic
Request Chain 602
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2679285247136364601&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 606
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU35d419bc8c974de7ac1e3822d664f2a9
Request Chain 607
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725121148145
Request Chain 608
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4877306777300480605
Request Chain 610
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
Request Chain 611
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f52eac9065476057/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D7AicPGkHMVXngjRaUVWTUaVT%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D7AicPGkHMVXngjRaUVWTUaVT%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMVXngjRaUVWTUaVT&gdpr=0&gdpr_consent=
Request Chain 613
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=b59ggo74bghr
Request Chain 615
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1240db71-a3be-4661-87b1-a131e5ccd71d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 616
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a00ba7ec-3ef6-4149-bfcd-c7e7807c2eb4-64fa5d5d-5858&gdpr=0&gdpr_consent=

614 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
www.bg3.co/a/ 		54 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
21ab0a70ab4f0cabf7a0dc2bad514ab4d679f5b9d664ebb0183ff1cb41202a6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 23:31:33 GMT
etag
"d6ec-1cbMbt7NgnTbW3ezMuxdIrozpg8"
expires
Thu, 07 Sep 2023 23:46:33 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 07 Sep 2023 23:31:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72941
x-xss-protection
0
server
sffe
etag
"1fd4dd9eff57c430"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Sep 2023 23:31:34 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 07 Sep 2023 23:31:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9642
x-xss-protection
0
server
sffe
etag
"02dd63e520ffd2e6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Sep 2023 23:31:34 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 07 Sep 2023 23:31:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7559
x-xss-protection
0
server
sffe
etag
"7e5f99ff05e5cd4c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Sep 2023 23:31:34 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0fd6811d500fe92c65cbfd7fa38894b00d82f4493616404459f68177373dd6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29395
x-xss-protection
0
server
cafe
etag
610 / 19607 / m202308310101 / config-hash: 6691085259580024239
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:34 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2023 14:23:43 GMT
server
cloudflare
age
29552
etag
W/"64f9dcef-a067"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8032befa2a6b2be4-FRA
expires
Fri, 08 Sep 2023 03:19:02 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13747
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZJ8KSv%2BOGTPlihphnCZS6itj6vt4LP%2BRp0j4baeMy8VuyUXHPUYes4kq5sh6URA0PiTtWQtv8tH9v36lD4ToHeQgKoXsRchQz%2BZemXAgFxk%2FFhFqEf2ZThCRp991cN8o02Mc2Pifei%2BzRM2Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8032befd8a043736-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF4) /
Resource Hash
94d4afc126f898f93a1429fe9614d32b33097af10fd4bd1d7d96c4fc3c0c28bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-client-geo
DE
date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
gzip
age
59381
x-cache
HIT
x-client-device
desktop
content-length
10576
x-ap-device
DESKTOP
last-modified
Thu, 07 Sep 2023 07:00:31 GMT
server
ECAcc (frc/4CF4)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
IQ
expires
Fri, 08 Sep 2023 00:31:34 GMT
adpushup.js
cdn.adpushup.com/42753/ 		662 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:179c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
94fbae877ac9ccf349fb9534c36b97a6e6bb6adeba86ea4cc285842b560e16cd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Thu, 07 Sep 2023 23:31:34 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Wed, 06 Sep 2023 22:24:57 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
CH
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1694129494110_389027484_12632665_121_1242_5_16_146";dur=1
content-length
142558
expires
Fri, 08 Sep 2023 00:31:34 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		493 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1da8c9de4dd18fb2f600f2aaabe17fba093ff3e313b073bc5099775744e9590d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
B7ESEqt9U0d0JJqnlCaJeGglIiWiYfbN
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
QKW8BEW0A65GJSQK
age
120
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
54035
x-amz-id-2
z6+wC52bI0N7QwPlilP89jR1Q0+18pSyTRYp9XLhTld/DJKMc91o03AHPf9FyEzapstmgq/xDkU=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:17:43 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129494.098794,VS0,VE3
etag
"b35382d57c6b5b9ac2f9d781f1578799"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
impl.20230905-4-RELEASE.js
cdn.taboola.com/libtrc/ 		804 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
68c9b585e4b7bed0162034533ab90f9a0c90d308b059fddc9a21a483c6d065ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
DHSY4h5zVk1UjTokLGTmT4IpOCy1UIOB
content-encoding
br
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
KTJ5G1T2ZY79WG4Y
age
21740
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170225
x-amz-id-2
N19IwH4/N/0qjpx6UPvM4DrF7NvGmP8xnhrV6k24mww9BeCqS8cdgMqnU30S0hJvfiOoiWuNEek=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Tue, 05 Sep 2023 09:28:59 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129494.148786,VS0,VE0
etag
"02e831e0d003d619395b9b4db0013950"
vary
Accept-Encoding
content-type
application/javascript
abp
75
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6041
t.php
c.statcounter.com/ 		192 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=99406B9F22774F5344FA0E9253F56666&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&t=%E5%9C%A8%E5%AE%B6%E6%93%81%E6%8A%B1%E9%99%8C%E7%94%9F%E4%BA%BA%E5%B9%B4%E8%B3%BA170%E8%90%AC%E3%80%80%E9%87%91%E9%AB%AE%E5%A6%B9%E8%B4%8A%E3%80%8C%E5%AE%8C%E7%BE%8E%E5%B7%A5%E4%BD%9C%E3%80%8D%E5%82%B3%E9%81%9E%E7%8D%A8%E7%89%B9%E8%83%BD%E9%87%8F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2196&sc_rum_e_e=2199&sc_rum_f_s=0&sc_rum_f_e=2151&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8032befaaac42be4-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1694129494.dop208.fr8.t,1694129494.cds151.fr8.hn,1694129494.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1694129494.dop208.fr8.t,1694129494.cds151.fr8.hn,1694129494.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
185788
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		75 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=01%3A31%3A34.202&lti=deflated&data=%7B%22id%22%3A476%2C%22ii%22%3A%22%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1694013456733%2C%22vi%22%3A1694129494200%2C%22cv%22%3A%2220230905-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%22%2C%22vpi%22%3A%22%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2967%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1020%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
665ee1d8b38a3b07d74b37a1ef371fd575e3303e6b42458ecda58cd3c3a4b7f4

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
174
date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7346
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230073-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694129494.212771,VS0,VE174
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:42:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
20948
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Sep 2024 17:42:26 GMT
8ca2b153d55f20f36eac613f9f9315f7.jpg
static.bg3.co/imgs/202106/ 		0
0
ad07ff5ec76cc875a70a514110eda87e.jpg
static.bg3.co/imgs/202105/ 		0
0
1286d8902ede414051b8f917e865a90b.jpg
static.bg3.co/imgs/202105/ 		0
0
8cf22d981e9ce9921ff0d821c9e64b07.jpg
static.bg3.co/imgs/202105/ 		0
0
1a0088862a004991463f2cb512b6c73d.jpg
static.bg3.co/imgs/202108/ 		0
0
ce080767c104c399e30b67d967d6944e.jpg
static.bg3.co/imgs/202106/ 		0
0
4cc79f0001e1953870ffde5308ed13a8.jpg
static.bg3.co/imgs/202106/ 		0
0
84e1966da1b8168176251ac49dca1b0f.jpg
static.bg3.co/imgs/202305/ 		0
0
b7aa831294915ebe084c87d03451e298.jpg
static.bg3.co/imgs/202206/ 		0
0
b6b473fcd36e5f2d887c10519f16c782.jpg
static.bg3.co/imgs/202107/ 		0
0
01ff2b1ba502ae915a79eb7eb5dcffbc.jpg
static.bg3.co/imgs/202106/ 		0
0
a2ff524ee19cd82bf257633716864924.jpg
static.bg3.co/imgs/202105/ 		0
0
625789fecd6706240e54f17efc1dbc0c.jpg
static.bg3.co/imgs/202107/ 		0
0
6b39f486b3345755ae4fd96da406a54d.jpg
static.bg3.co/imgs/202011/ 		0
0
3280021f18e2be739ee7fff233df3169.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:40 GMT
age
193494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2968
x-xss-protection
0
server
sffe
etag
"20a8808a3fce3085"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:40 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:40 GMT
age
193494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23124
x-xss-protection
0
server
sffe
etag
"91fba5c7cd59114d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:40 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
871 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26ebac8b8d1247e5aa00ec53cd97a110c0b1edd887362c6d25ddab4570bb79f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
523
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:40 GMT
age
193494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3948
x-xss-protection
0
server
sffe
etag
"a02df160e36bd176"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:40 GMT
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:179c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694129494334_389027484_12632738_95_1150_5_13_146";dur=1
content-length
122286
expires
Fri, 06 Sep 2024 23:31:34 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:179c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1694129494397_389027484_12632755_16_1161_5_0_146";dur=1
accept-ranges
bytes
content-length
317
expires
Fri, 06 Sep 2024 23:31:34 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:179c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1694129494399_389027484_12632757_600_827_5_0_146";dur=1
content-length
18371
expires
Fri, 08 Sep 2023 00:31:34 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQxMjk0OTQzODksInBhY2tldElkIjoiMDAwMEE3MDEtMmZjZThmNzQtYzk4MS00ZGVhLWEyZDYtMDFiYTQ2MGNhYzgyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3phaS1qaWEteW9uZy1iYW8tbW8tc2hlbmctcmVuLW5pYW4temh1YW4tMTcwbW8tamluLWZhLW1laS16YW4td2FuLW1laS1nb25nLXp1by1jaHVhbi1kaS1kdS10ZS1uZW5nLWxpYW5nLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=2423.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1694129494483
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires
Fri, 06 Sep 2024 23:31:34 GMT
date
Thu, 07 Sep 2023 23:31:34 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (frc/4CC2)
age
1859770
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
DE
floating-unit.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6b7babf84ce7797789a5680401cb436cdc9118988848a158ca54418412d1083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
V1rselWEQkmv8ejM_YOT9pvQ4PsP3pyq
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
YMYSCWQ4HDFV88QA
age
116269
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
uc/TxTGKFcoM/JlekznaoFnw684uXNLIBkSY9K6l8dG1BXVc/d0aUPhpx7nxrtygWl9fxEaNMqY=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:13:46 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129495.512088,VS0,VE0
etag
"9b0b24e2992039edeafef2deb5f869d2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
63
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2329
taboola-vignette-new-scanning.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9da2d7a84e76c27b93b2c4cacf7d94664404afa4c832a51b61516c3e510467c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
nyBLekRqWpLwFsYJ1PM2htL48qH2exXE
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
GG3SZN1QSGHYAPZ8
age
116248
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
o+B0AKbDwwOufquBUhKM603c+EpaE5eo//GnTgnjAMIFfA/OIdq8E/w8MrYBJjugsAxyTQGJywI=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:14:06 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129495.512913,VS0,VE0
etag
"fcf081c3f2e178fc5d019b3ef2860ee1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1995
distance-from-article.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2667c5a21fcde467613da8c09a1137467ff3ddbefd3cd4a8cc9f1b794524fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
em2XoJWhDIGX2pPbKxuWmMDgPsr_r4ef
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
VB7GC7DNR3DBAGXN
age
116280
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
MwndNzSFMrfPZuXlmjg+CH3RvIMFhrFGJpJWlIU4n1N0LM64WpnV/AGfobY9J5d7i0GAmvKutRg=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:13:35 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129495.532735,VS0,VE0
etag
"0a16ddc5535f3ec9c04adb198a63ab57"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
38865
article-detection.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f149685a7ee57be9021e9195fe13705d2656c54b066f08be7c06a22c91b30585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
VYQg0KzRzVKgsOUVIwoGWUZcIizdfOKZ
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
F29PXCZ8HNKVHJH3
age
116287
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
v/a7T3HLPP9VJKIs/ZoINAzTkQ4zUgmrWpgtYsjY3+QlOMnzxtML84PR9LAS30+tHp6+1yAQ708=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:13:28 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129495.532876,VS0,VE0
etag
"a684a25a6af049d0fee39485c35b845e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
98
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
39188
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.0/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
138419
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
36498
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 06 Sep 2023 09:01:32 GMT
server
AmazonS3
x-timer
S1694129495.558439,VS0,VE0
etag
"1865860838c0a4f202ab61510882ea01"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
MBwNQWWoasK9QdVBzfrJSMb4dGtXeyY63MWPfWLulxwQ0SOIpiRafA==
x-cache-hits
11857
feed-card-placeholder.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c0b56e48f5c453c09b9229d70e9e85aead182f70b1ff39245061bf60af6bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
.8WMZOWcDpNm0.Ccx52jyM8r4MC6976_
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
3KKZJT1BHCRVXYWY
age
116274
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
k6bhlbvN6KLmcGsQRfjoz7YptQAdyVlsTRKrgkvp9A4tCI+2N2yMesYwCKScEwY2BQFGyzS5cgE=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:13:40 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129495.536757,VS0,VE0
etag
"a682091ea54d189e1c90f84edb66dc6a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
96
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
27030
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
35
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129495.541875,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
42
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
8
userx.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
659c04daa2a54bef52f7966dc3500b8e702c6c8cd1c4a3bf5516234d3fb10a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
s_CdpOrxd5OMAuEV0GJ7BKn.ddN4GAhu
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
J4VM1AJYK6QJHX3G
age
116245
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
FIq2NZRhejRV5eG0EITjnAVmFsTjNMpRi7giTA5FIjJKU6MUOB1ZCrrt1gNGOY6UXpqajzBu4iw=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:14:10 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129495.544534,VS0,VE0
etag
"22ce59d71c04e51e63a2870100dee4d6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
14267
explore-more.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfb968ff7ebcfc502af4bee0e5b4fce1b3ddfc29b883947aa18737c7ddf4dc05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
nTny9pOwUaN6ss1oAQu2PcehWgBYcg1r
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
NASXNJWVBD4GEBA1
age
116276
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8803
x-amz-id-2
V0wstXoV0n2+bJL8i51/PcQ4dHD4ffSYa39uaMHin2aUHH5b6pD7SOELnFltwMEFSga3o5C2Ra0=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:13:38 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129495.588668,VS0,VE0
etag
"0da94878b067376092df0c027b53d238"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
59
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15181
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=bd1cc3c4fcfb1fb5ea7cc549ca41322f&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=01%3A31%3A34.507&id=5773&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=bd1cc3c4fcfb1fb5ea7cc549ca41322f&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1694129494508%7D&tim=01%3A31%3A34.509&id=3492&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=bd1cc3c4fcfb1fb5ea7cc549ca41322f&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1694129494520%7D&tim=01%3A31%3A34.520&id=4603&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=bd1cc3c4fcfb1fb5ea7cc549ca41322f&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A31%3A34.584&id=2694&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.587&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=8225&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11983
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.587&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=9584&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11983
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.595&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=3376&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11983
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.595&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9259&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11983
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.600&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4464&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12220
json
trc.taboola.com/palmate-bg3co/trc/3/ 		21 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=01%3A31%3A34.620&route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&data=%7B%22id%22%3A319%2C%22ii%22%3A%22%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA%22%2C%22ui%22%3A%22dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6%22%2C%22uifp%22%3A%22dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6%22%2C%22lbt%22%3A1694013456733%2C%22vi%22%3A1694129494200%2C%22cv%22%3A%2220230905-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%22%2C%22vpi%22%3A%22%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4386%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1490.1875%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c1a4eccb8271a8e67ffe9befa842615d908a9e24b93aad83569963efba6e3f51

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
149
date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7362
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230073-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1694129495.624352,VS0,VE149
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.622&type=usage&msg=New_CTA-event-1694129494622&llvl=2&id=6310&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-3437978079793681082~~c9OT4xlV5tcq%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12220
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.623&type=usage&msg=New_CTA-event-1694129494623&llvl=2&id=2176&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-3437978079793681082~~c9OT4xlV5tcq%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12220
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.626&type=usage&msg=New_CTA-event-1694129494626&llvl=2&id=6420&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~7665703039776441071~~8vYP-svLX4519%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12220
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.627&type=usage&msg=New_CTA-event-1694129494627&llvl=2&id=2734&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~7665703039776441071~~8vYP-svLX4519%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12220
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.629&type=usage&msg=New_CTA-event-1694129494629&llvl=2&id=6418&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~7665703039776441071~~8vYP-svLX4519%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12220
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.629&type=usage&msg=New_CTA-event-1694129494629&llvl=2&id=3992&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~7665703039776441071~~8vYP-svLX4519%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12220
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.631&type=usage&msg=New_CTA-event-1694129494631&llvl=2&id=9294&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-3437978079793681082~~0Ofjsz3jeqNi%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12220
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.632&type=usage&msg=New_CTA-event-1694129494632&llvl=2&id=3813&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-3437978079793681082~~0Ofjsz3jeqNi%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12220
5d2a0e7b082804e38669bca08971b645.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_960%2Cw_1280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		280 KB
281 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_960%2Cw_1280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d2a0e7b082804e38669bca08971b645.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dec72d8ffde45ba5c97dfb1b61678076272e578d138e4fe9f257677bb71c7147

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_960%2Cw_1280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d2a0e7b082804e38669bca08971b645.jpg
age
22526
edge-cache-tag
384476866843345985888517940921967803307,354529266076833928912075661658785656664,29ecf9b93bbf306179626feeda1fab70
cache-tag
384476866843345985888517940921967803307,354529266076833928912075661658785656664,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
2240
req-referer
https://buyandreviewss.blogspot.com/2023/05/chatbase-review.html
content-length
286414
x-request-id
d2bc313ecf3ead6a14f06c3e5bbfaca0
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000087-IAD, cache-iad-kjyo7100079-IAD, cache-iad-kjyo7100043-IAD, cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:11:34 GMT
server
nginx
x-timer
S1694129495.639470,VS0,VE1
etag
"9cf24309c8f5ba18e66f1d00008d786b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
5d2a0e7b082804e38669bca08971b645.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d2a0e7b082804e38669bca08971b645.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
afeb2fa54ff0c7f506e29ae5b8d60781b1adaadd73de27375d27f06b2f5851ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d2a0e7b082804e38669bca08971b645.jpg
age
110640
edge-cache-tag
384476866843345985888517940921967803307,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
384476866843345985888517940921967803307,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1145
req-referer
https://www.tipsandtricksjapan.com/
content-length
119524
x-request-id
75981fc83a5b4e99b9b66585bcbaf5c6
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100168-IAD, cache-iad-kjyo7100050-IAD, cache-iad-kjyo7100076-IAD, cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:11:34 GMT
server
nginx
x-timer
S1694129495.643217,VS0,VE1
etag
"0b7136b579c820638b94e6c56f467659"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 5, 1
ebc84665f6166baf9deb718991413698.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebc84665f6166baf9deb718991413698.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a19cf541c608e091827fee56384a9254d7c3f332e5be5df05e8f341effcfb37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebc84665f6166baf9deb718991413698.png
age
2702331
edge-cache-tag
315427940589486903580793480613976495383,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
315427940589486903580793480613976495383,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
66
expiration
expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.np-coburg.de/
content-length
28476
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200162-IAD, cache-iad-kjyo7100080-IAD, cache-sna10721-LGB, cache-iad-kcgs7200121-IAD, cache-fra-eddf8230073-FRA
last-modified
Wed, 19 Jul 2023 01:07:10 GMT
server
nginx
x-timer
S1694129495.650824,VS0,VE1
etag
"e6e571df04fb6d73ffc7159c235128da"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 233, 1
80d0c4bc874a34ee4ba12c89b1fef6ce.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/80d0c4bc874a34ee4ba12c89b1fef6ce.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3dd78e0450042df868691cc1a087da5167ee3612b06a592a91d7cc891fa6df6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/80d0c4bc874a34ee4ba12c89b1fef6ce.jpg
age
2032265
edge-cache-tag
479919141207252096591197833639122724036,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
479919141207252096591197833639122724036,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
202
expiration
expiry-date="Sat, 26 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.freenet.de/
content-length
17992
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000173-IAD, cache-iad-kjyo7100044-IAD, cache-chi-klot8100126-CHI, cache-iad-kcgs7200039-IAD, cache-fra-eddf8230073-FRA
last-modified
Wed, 26 Jul 2023 17:30:03 GMT
server
nginx
x-timer
S1694129495.655600,VS0,VE1
etag
"038d802b364a97df9ed29626e9f6c081"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2066, 1
d57cb077-e4d4-4a14-8cb1-4c4ee2f77386__NKRwumJP.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d57cb077-e4d4-4a14-8cb1-4c4ee2f77386__NKRwumJP.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f27590061c575f97cf4cde076c67fec6f30d0922dd27b72ffa9127f561de95a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d57cb077-e4d4-4a14-8cb1-4c4ee2f77386__NKRwumJP.jpg
age
1247579
edge-cache-tag
468998993225076219641510640494932664770,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
468998993225076219641510640494932664770,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
392
expiration
expiry-date="Thu, 31 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.mediagol.it/
content-length
103100
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200030-IAD, cache-iad-kiad7000105-IAD, cache-iad-kjyo7100068-IAD, cache-fra-eddf8230073-FRA
last-modified
Mon, 31 Jul 2023 13:56:29 GMT
server
nginx
x-timer
S1694129495.662100,VS0,VE2
etag
"b030906992d9b2fbe2d57ebcf5bed721"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 4, 1
64354dadcbcf6ca283af852d28603a1a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64354dadcbcf6ca283af852d28603a1a.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
14f104399d8359196a887ad10bc714038ce3a7128ad96b05bbbfdc556d4bbe39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64354dadcbcf6ca283af852d28603a1a.jpg
age
3581582
edge-cache-tag
513811410939988139387897735825378005482,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
513811410939988139387897735825378005482,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
196
expiration
expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
16674
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100088-IAD, cache-iad-kcgs7200162-IAD, cache-lga21926-LGA, cache-iad-kcgs7200118-IAD, cache-fra-eddf8230073-FRA
last-modified
Tue, 25 Jul 2023 01:22:02 GMT
server
nginx
x-timer
S1694129495.662297,VS0,VE1
etag
"3f1c81024d1096947ae2355650a39145"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 6, 1, 263, 1
0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4742d841247706ded62d8e6d6c81b79fd12a98489a61bbc82cb30fe9483b886f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0d9fd3b1d4db4519dc3829ac0bc7195b.jpg
age
3141687
edge-cache-tag
526751286337326218232385186173385884285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
526751286337326218232385186173385884285,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
202
expiration
expiry-date="Fri, 25 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.rundschau-online.de/
content-length
39080
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200149-IAD, cache-iad-kcgs7200094-IAD, cache-chi-klot8100033-CHI, cache-iad-kiad7000050-IAD, cache-fra-eddf8230073-FRA
last-modified
Tue, 25 Jul 2023 11:21:37 GMT
server
nginx
x-timer
S1694129495.662325,VS0,VE1
etag
"ac313dda21f591b9720208e844fa394e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 333, 1
5d2a0e7b082804e38669bca08971b645.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d2a0e7b082804e38669bca08971b645.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27217d62d4d71324190a07fbcecb2f32d60c39205941ea47dfdf2489f9e890e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d2a0e7b082804e38669bca08971b645.jpg
age
108209
edge-cache-tag
384476866843345985888517940921967803307,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
384476866843345985888517940921967803307,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1398
req-referer
https://motor-fan.jp/
content-length
138444
x-request-id
731cfd5b1b2c69eee7a508c7b52ab3b0
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kjyo7100175-IAD, cache-lax10650-LGB, cache-iad-kjyo7100115-IAD, cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:11:34 GMT
server
nginx
x-timer
S1694129495.667292,VS0,VE1
etag
"b3d1c1a3162ac41291de017f9a1dbbd4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 1
d57cb077-e4d4-4a14-8cb1-4c4ee2f77386__NKRwumJP.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d57cb077-e4d4-4a14-8cb1-4c4ee2f77386__NKRwumJP.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f8db7492d2400c3e79857b0b5842a1da46a4a8c6a5c28626a38f227b317b9c10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d57cb077-e4d4-4a14-8cb1-4c4ee2f77386__NKRwumJP.jpg
age
2635461
edge-cache-tag
468998993225076219641510640494932664770,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
468998993225076219641510640494932664770,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
318
expiration
expiry-date="Thu, 31 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
111778
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100135-IAD, cache-iad-kjyo7100028-IAD, cache-iad-kcgs7200086-IAD, cache-fra-eddf8230073-FRA
last-modified
Mon, 31 Jul 2023 12:56:14 GMT
server
nginx
x-timer
S1694129495.667286,VS0,VE1
etag
"c84149b9fe5212a4eb60dde06378a296"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 79, 1
ebc84665f6166baf9deb718991413698.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebc84665f6166baf9deb718991413698.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9816825e57948e875d16d7ca82162b33a5ae91aef1a8b371e100b45e8d342fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ebc84665f6166baf9deb718991413698.png
age
2702332
edge-cache-tag
315427940589486903580793480613976495383,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
315427940589486903580793480613976495383,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
312
expiration
expiry-date="Sat, 19 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kleinezeitung.at/
content-length
82512
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200162-IAD, cache-iad-kjyo7100080-IAD, cache-lga21958-LGA, cache-iad-kiad7000084-IAD, cache-fra-eddf8230073-FRA
last-modified
Wed, 19 Jul 2023 01:07:10 GMT
server
nginx
x-timer
S1694129495.667372,VS0,VE2
etag
"e6e571df04fb6d73ffc7159c235128da"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 4, 1
80d0c4bc874a34ee4ba12c89b1fef6ce.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/80d0c4bc874a34ee4ba12c89b1fef6ce.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
84ebdf1d74f506b0dbbe946fb92f71a305aca260cef7e1121132c67c6d746407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/80d0c4bc874a34ee4ba12c89b1fef6ce.jpg
age
3221573
edge-cache-tag
479919141207252096591197833639122724036,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
479919141207252096591197833639122724036,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
237
expiration
expiry-date="Sat, 26 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://yourdailylama.com/
content-length
38268
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100032-IAD, cache-iad-kiad7000025-IAD, cache-chi-klot8100150-CHI, cache-iad-kcgs7200075-IAD, cache-fra-eddf8230073-FRA
last-modified
Wed, 26 Jul 2023 17:38:59 GMT
server
nginx
x-timer
S1694129495.674328,VS0,VE1
etag
"a64aa6b6ce3fcc4896a1c0341ccd1f0c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 105, 1
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQxMjk0OTQ2NjgsInBhY2tldElkIjoiMDAwMEE3MDEtMmZjZThmNzQtYzk4MS00ZGVhLWEyZDYtMDFiYTQ2MGNhYzgyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3phaS1qaWEteW9uZy1iYW8tbW8tc2hlbmctcmVuLW5pYW4temh1YW4tMTcwbW8tamluLWZhLW1laS16YW4td2FuLW1laS1nb25nLXp1by1jaHVhbi1kaS1kdS10ZS1uZW5nLWxpYW5nLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=2702.2000007629395
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQxMjk0OTQ2NzYsInBhY2tldElkIjoiMDAwMEE3MDEtMmZjZThmNzQtYzk4MS00ZGVhLWEyZDYtMDFiYTQ2MGNhYzgyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3phaS1qaWEteW9uZy1iYW8tbW8tc2hlbmctcmVuLW5pYW4temh1YW4tMTcwbW8tamluLWZhLW1laS16YW4td2FuLW1laS1nb25nLXp1by1jaHVhbi1kaS1kdS10ZS1uZW5nLWxpYW5nLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2710.2999992370605
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2OTQxMjk0OTQ2NzcsInBhY2tldElkIjoiMDAwMEE3MDEtMmZjZThmNzQtYzk4MS00ZGVhLWEyZDYtMDFiYTQ2MGNhYzgyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3phaS1qaWEteW9uZy1iYW8tbW8tc2hlbmctcmVuLW5pYW4temh1YW4tMTcwbW8tamluLWZhLW1laS16YW4td2FuLW1laS1nb25nLXp1by1jaHVhbi1kaS1kdS10ZS1uZW5nLWxpYW5nLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=2712
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:5400:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Thu, 07 Sep 2023 03:41:04 GMT
Via
1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
Age
71431
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
f1iwuyk_eS-tsp12bA7O9OMEh9u_5IH5Vo5mFQajSdjhyjTnwqLLFQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		119 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
WHJWEXTY2JDTWEHF
age
367
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8032befe4c869950-FRA
x-amz-id-2
QkmbjKdbZiX9w2b15vxYkzQcv4sC/WZEhMn9+ut/0lINEjbSTYnO96DOVZiZnegdYLFMphUpy2A=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27886
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRA2QjxVgF%2Bxs8wOdid4Piobp4jLY%2B2DUTde6ZTL1jzpv9P75pMukm%2BrQ66Q5iP20Iraj9qjEfE5Tf9khR8zohDecYJTrV8zJWzQYzQLgCAOmOiAI7gWzhDfRa9XNteHayB4Bum9doZ%2BO%2BbbsZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8032befe5e3037d7-FRA
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 08 Sep 2023 23:31:34 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:33:05 GMT
content-encoding
gzip
age
1137509
x-guploader-uploadid
ADPycdsJEoGEdACkPhEpLcadnh3aQlj77UDinvOmb6bbnYP4ZBIZ1c4FNa4dKEFL9W-lxAEBMvtWjPiKZu_LC3LquNuUVfFyLVER
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 24 Aug 2024 19:33:05 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4347454479485159&correlator=45164897681929&eid=31076406%2C31076408%2C20222282&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694129494738&lmt=1694122294&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&vis=1&psz=760x0&msz=760x0&fws=4&ohw=1600&ga_vid=2097357468.1694129495&ga_sid=1694129495&ga_hid=686803797&ga_fc=false&dlt=1694129494025&idt=666&adks=3605545259&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e601afefb34b574d784d44a6ee43b64689759029852375f9f217a46e75a67fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12549
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4347454479485159&correlator=3708448534478631&eid=31076406%2C31076408%2C20222282&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694129494746&lmt=1694122294&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2097357468.1694129495&ga_sid=1694129495&ga_hid=686803797&ga_fc=false&dlt=1694129494025&idt=666&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_16_0_pv%26cluster_reporting%3Dchrome_DESKTOP_16_1_active_0_pv%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_e%26faid%3Dfalse&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0884114d5868c68aa6b0556a2e61118ead1c8d7f5b9b7c36bceeda2c73f1b322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15537
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B65 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:34 GMT
expires
Fri, 06 Sep 2024 23:31:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 19:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
14121
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13570
x-xss-protection
0
server
cafe
etag
8322348364393239614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Sep 2024 19:36:13 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:40 GMT
age
193494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10339
x-xss-protection
0
server
sffe
etag
"6b0a8d436e5c7ad3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:40 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQxMjk0OTQ2NjgsInBhY2tldElkIjoiMDAwMEE3MDEtMmZjZThmNzQtYzk4MS00ZGVhLWEyZDYtMDFiYTQ2MGNhYzgyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3phaS1qaWEteW9uZy1iYW8tbW8tc2hlbmctcmVuLW5pYW4temh1YW4tMTcwbW8tamluLWZhLW1laS16YW4td2FuLW1laS1nb25nLXp1by1jaHVhbi1kaS1kdS10ZS1uZW5nLWxpYW5nLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=2804.6000003814697
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:40 GMT
age
193494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57751
x-xss-protection
0
server
sffe
etag
"df3f5bf96724b1a9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:40 GMT
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.813&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=9398&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18191
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 14 Sep 2023 23:31:34 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7593
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42Idh61qZvJ6%2BZCIcRS3WX5DZrFuX6Ay6Z99re4s5QL8%2BPFwBVxgdgPnXX9cq6yFWFdl3r4aQlzoqsvdqEEj1Vraz%2FSyfGP7OfF7zLIMdld4cc3Rbf1duWLGRCFTSCIuvktDx%2BXdvoSRtm3CMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8032befeeb003736-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
37c057da86439d17d3c65a2daae1cba3b39774a0df35d50b6f883e3712fa9e73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:35 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
37c057da86439d17d3c65a2daae1cba3b39774a0df35d50b6f883e3712fa9e73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:38 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.886&type=usage&msg=New_CTA-event-1694129494886&llvl=2&id=3635&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~1786721062368588579~~5zeZ5g0Qp3mjN%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17405
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.886&type=usage&msg=New_CTA-event-1694129494886&llvl=2&id=512&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~1786721062368588579~~5zeZ5g0Qp3mjN%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17405
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.888&type=usage&msg=New_CTA-event-1694129494888&llvl=2&id=4308&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-1432260422239200605~~l2Q5oC_pw-DM%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17405
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.888&type=usage&msg=New_CTA-event-1694129494888&llvl=2&id=1969&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-1432260422239200605~~l2Q5oC_pw-DM%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17405
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.890&type=usage&msg=New_CTA-event-1694129494890&llvl=2&id=8063&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~106422157202124937~~KDoRi8oqY3oleB%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17405
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.891&type=usage&msg=New_CTA-event-1694129494891&llvl=2&id=2356&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~106422157202124937~~KDoRi8oqY3oleB%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17405
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.893&type=usage&msg=New_CTA-event-1694129494893&llvl=2&id=5759&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8842741173019764171~~INhPtTdJYgv9K%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17405
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.893&type=usage&msg=New_CTA-event-1694129494893&llvl=2&id=1178&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~8842741173019764171~~INhPtTdJYgv9K%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17405
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.900&type=usage&msg=New_CTA-event-1694129494900&llvl=2&id=6614&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-8593180248810327873~~TEqjz_XzdSKf%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16163
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.900&type=usage&msg=New_CTA-event-1694129494900&llvl=2&id=8033&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-8593180248810327873~~TEqjz_XzdSKf%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15620
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=c1be8fbdec056c7593df1fba32f3ac36&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1694129494919%7D&tim=01%3A31%3A34.919&id=7985&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
75d16be5-613e-4003-b0c1-884d61d94499__RyLRjGYO.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/75d16be5-613e-4003-b0c1-884d61d94499__RyLRjGYO.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
61ded1a015f8d53c1c8d8c044f80e0d35d000c5cd2151a339807f148d7441273

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/75d16be5-613e-4003-b0c1-884d61d94499__RyLRjGYO.jpg
age
29646
edge-cache-tag
326548115447038123376553421142739317252,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
326548115447038123376553421142739317252,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
672
req-referer
https://www.tippsundtricks.co/
content-length
56648
x-request-id
375df033d68ad113cf79190fedb1947b
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000167-IAD, cache-iad-kjyo7100021-IAD, cache-iad-kcgs7200025-IAD, cache-fra-eddf8230073-FRA
last-modified
Thu, 07 Sep 2023 11:36:20 GMT
server
nginx
x-timer
S1694129495.928858,VS0,VE1
etag
"4660e11cfb029ad7385be13772947ddc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
f2f3ab6d-4dba-4ee1-ad73-e5a482b8ec6f__Kxlo0KK8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f2f3ab6d-4dba-4ee1-ad73-e5a482b8ec6f__Kxlo0KK8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
448d8331b893bad2557553ed57d43d5f2baedcac7134996522bb2315ea7030f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f2f3ab6d-4dba-4ee1-ad73-e5a482b8ec6f__Kxlo0KK8.jpg
age
2465250
edge-cache-tag
369892945166203625932769237237409230519,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
369892945166203625932769237237409230519,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
225
expiration
expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
38662
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100028-IAD, cache-iad-kiad7000142-IAD, cache-lax10654-LGB, cache-iad-kiad7000141-IAD, cache-fra-eddf8230073-FRA
last-modified
Sun, 16 Jul 2023 01:33:52 GMT
server
nginx
x-timer
S1694129495.929245,VS0,VE1
etag
"089fc379eb4f83fc51b9318c23876b3e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 277, 1
8729a5d46496818c8704df67c07e8332.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8729a5d46496818c8704df67c07e8332.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9621f10624aea76282045e62bf911a536643165bfc8bf7b0992d23b2e5f94767

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8729a5d46496818c8704df67c07e8332.jpg
age
3721927
edge-cache-tag
518530956107930225409493468004949249488,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
518530956107930225409493468004949249488,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
157
req-referer
https://www.europapress.es/
content-length
18546
x-request-id
1a5e296628fe1ee44db6cdd681bd73a5
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100026-IAD, cache-iad-kjyo7100133-IAD, cache-lga21953-LGA, cache-iad-kjyo7100125-IAD, cache-fra-eddf8230073-FRA
last-modified
Mon, 03 Jul 2023 19:11:37 GMT
server
nginx
x-timer
S1694129495.929235,VS0,VE1
etag
"bb65c1dd518ecd8beccc519390db1232"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 25, 1
fdec4638-bade-42bd-ae98-e5fa518c9bcd__OJ0tYq1g.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/fdec4638-bade-42bd-ae98-e5fa518c9bcd__OJ0tYq1g.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5cd738185f5f7a90b7607716666da8e79092a8259d6c6d182301975400e2b13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/fdec4638-bade-42bd-ae98-e5fa518c9bcd__OJ0tYq1g.jpg
age
843949
edge-cache-tag
486301147345732009838168760472417560295,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
486301147345732009838168760472417560295,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
997
req-referer
https://telugucinema.com/news/actress-anisha-ambrose-blessed-with-a-baby-boy
content-length
68250
x-request-id
acdfecc0468ab3c6943d1f50422cad40
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000169-IAD, cache-iad-kiad7000063-IAD, cache-iad-kiad7000059-IAD, cache-fra-eddf8230073-FRA
last-modified
Tue, 29 Aug 2023 05:05:46 GMT
server
nginx
x-timer
S1694129495.929586,VS0,VE1
etag
"d6b6c811682f064f25c12aabc0ca52b7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
e645bc2c-b64d-46e2-bb10-485d3d79bb99__HFWauKtk.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e645bc2c-b64d-46e2-bb10-485d3d79bb99__HFWauKtk.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
91204a8bd4e862e8861aa1eabfcabd5ea36be2a8aa415c810eb8231c65040a67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e645bc2c-b64d-46e2-bb10-485d3d79bb99__HFWauKtk.jpg
age
31494
edge-cache-tag
436430764697191060964987118371919995910,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
436430764697191060964987118371919995910,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
587
req-referer
https://e.walla.co.il/
content-length
70592
x-request-id
cc1af9d88ccac747d60b580116996bd1
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100144-IAD, cache-iad-kiad7000031-IAD, cache-lax10643-LGB, cache-iad-kcgs7200054-IAD, cache-fra-eddf8230073-FRA
last-modified
Thu, 07 Sep 2023 11:36:20 GMT
server
nginx
x-timer
S1694129495.929736,VS0,VE1
etag
"1290612adc5e8ff8683cd63787c35c86"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
a27548f570ad6af9e34c608ff71c8dc6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2f06e995e4dc83d1edb761524da0dcf7bd79b0cd59a575850194b66c3a61796f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a27548f570ad6af9e34c608ff71c8dc6.png
age
1795039
edge-cache-tag
603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
603464470960477801790457014709346231010,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
125
expiration
expiry-date="Tue, 22 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tvseasonspoilers.com/
content-length
37056
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000162-IAD, cache-iad-kjyo7100124-IAD, cache-iad-kcgs7200094-IAD, cache-fra-eddf8230073-FRA
last-modified
Sat, 22 Jul 2023 07:04:29 GMT
server
nginx
x-timer
S1694129495.929853,VS0,VE1
etag
"0ec732c9c56a789a455588321467fe27"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4718, 1
d6fb370bfc115d399f3bb78f718088e8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fb370bfc115d399f3bb78f718088e8.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d50ea00b1ad0900713ccbd2e79bb4a44227925dccd426e5bdf6061ea01abd3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6fb370bfc115d399f3bb78f718088e8.jpg
age
3148257
edge-cache-tag
462969361406934075708711001646791896546,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
462969361406934075708711001646791896546,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
77
expiration
expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ctinsider.com/living/food/article/modern-apizza-new-haven-ct-pizza-today-18271929.php
content-length
14042
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200159-IAD, cache-lga21940-LGA, cache-iad-kiad7000036-IAD, cache-fra-eddf8230073-FRA
last-modified
Fri, 21 Jul 2023 08:05:42 GMT
server
nginx
x-timer
S1694129495.941021,VS0,VE9
etag
"786fbca920106c8db27fcc2b7f76c191"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 5565, 1
5b43ceab66700c76f5ccffca68349c53.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b43ceab66700c76f5ccffca68349c53.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c4e396f55d8fc25edc750178a50f3e5a7e8814a2cecc35eedffdfaa4909944b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 07 Sep 2023 23:31:34 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5b43ceab66700c76f5ccffca68349c53.jpeg
age
1614800
edge-cache-tag
577261072754423397404516935679152970708,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
577261072754423397404516935679152970708,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
263
expiration
expiry-date="Wed, 30 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tippsundtricks.co/
content-length
73552
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100085-IAD, cache-iad-kjyo7100053-IAD, cache-iad-kcgs7200166-IAD, cache-fra-eddf8230073-FRA
last-modified
Sun, 30 Jul 2023 12:58:54 GMT
server
nginx
x-timer
S1694129495.941101,VS0,VE2
etag
"0e47df9af489ac711e902c5e28097452"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 20, 1
next-up-widget.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71e375d5444b117a25725466b97c277c7b7243523340f8ace4c58ad259f28982

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
16i_W0SfO4iu5HUNttGCzqfI5eyuaJk9
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:34 GMT
x-amz-request-id
5Z6D55KEA63Q4GDX
age
116266
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
zbA9d3vwZFWk0ANy7tqhXOmmLnCfK5m/3x33rRTsy4bo2JGe2Az9RZf1dL8FcKvA8rZnXttJGN0=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:13:49 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129495.931199,VS0,VE0
etag
"206e75ae80c2530bd7615c594f84c2e4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
61
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2289
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=c1be8fbdec056c7593df1fba32f3ac36&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22559.96875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A31%3A34.940&id=2787&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=c1be8fbdec056c7593df1fba32f3ac36&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A922%7D%22%2C%22eventTime%22%3A1694129494942%7D&tim=01%3A31%3A34.942&id=8125&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A34.954&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8137&cv=20230905-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13905
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230908
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04a42cbe9a6dd17d6cf3d91423b737b86978d0e6c89af47c15eb483b95dd03c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27040
x-jsd-version
1.0.1805
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7020-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-GwcUUHsE0TI1eRkE0LsE6H5eMI8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sb3GwNC%2FkTk3GoP2ZciqmNqR93g8OE9cABKqP7y6ROD1cJvf5sV%2BZMBo9%2B6z2H6mKLiNAFYqpJHuNm5a1EnKoN0pvaBUBrMv7%2F%2FNQ4RThP%2F3wB0E%2FQ8NxOGB2MeNbJU3R5uc6L3Zo3gsbEV78MY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8032beff9ec937d1-FRA
prebidjs
rtb.openx.net/openrtbb/ 		53 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
0a48e012bb4285eb4704effa6ce62d6aac888523b52e0deb2a20d0a5b2e7a869

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=55560113111&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 23:31:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		144 B
960 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f56c9c9f83cdcc19457c5a84693ace60215d1a4933a4b1496dcee9f15eb55b14
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
an-x-request-uuid
a6045616-da49-4fa2-8725-c98dd6360245
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
d83a6dc38bfcc4b497f1f3bad29fffa808e32fde691bf203da0c33f561368b6e

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.128.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		442 B
954 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=7bd48add-9931-4c91-b933-dfebe99b45d2%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E5%9C%A8%E5%AE%B6%E6%93%81%E6%8A%B1%E9%99%8C%E7%94%9F%E4%BA%BA%E5%B9%B4%E8%B3%BA170%E8%90%AC%E9%87%91%E9%AB%AE%E5%A6%B9%E8%B4%8A%E3%80%8C%E5%AE%8C%E7%BE%8E%E5%B7%A5%E4%BD%9C%E3%80%8D%E5%82%B3%E9%81%9E%E7%8D%A8%E7%89%B9%E8%83%BD%E9%87%8F&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=5a613ba8-32df-41bc-8cd5-63c0c7cbf4f0&l_pb_bid_id=9d4531a90b2015&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5a613ba8-32df-41bc-8cd5-63c0c7cbf4f0&rp_maxbids=1&slots=1&rand=0.2890603293692997
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
41c27c188f66867b74a7f83586eaa980dcba24fb1dc9cd301f6bf0ea6a8604e8

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
442
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 23:31:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
3
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.200.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7a0f211dea31b4184dea7c5bbd8a8092b9fa6097c101cb11916af66937194cae

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 07 Sep 2023 23:31:35 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8032beffe9cc18d6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
auction
tlx.3lift.com/header/ 		19 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.149.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-149-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
accept-ch
user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr
x-auction-status
29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adreq
ads.servenobid.com/ 		721 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6829
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f9595e3aa6b60c1fc36a8494200ea88afd505428539868293a6793d13fc80ad

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7bf56e3c02ae7bf9b9a214070a6828838ec3a3205a5decd6b70e29a73194c56e

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 07 Sep 2023 23:31:35 GMT
bid-request
a.teads.tv/hb/ 		16 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 07 Sep 2023 23:31:35 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32d341cafae9d77152167d8d98e58c397cd1ed57afdd6311216a6afd2cc61a48

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEprFTq%2Fu%2FxG0KmeB2KAz5FNKDW8S76rk3iQDUL07q9ggzvpQhXXUmiReNM0Gj5j4ok%2FYAFut%2BqAoKdZvmWkBW7AFMTGrOSPkhRi5AVa5CeWuAzSV7gD9TkTsKp0ievPbZ1pN%2BDe"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8032bf003aca373e-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d867fbb38bbaca59c05281bdd91fa84ec6f42bd59b1264bfdd61fd9f85df62

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2oL2%2BGHWUi%2FwCvokwU6E6gmoZ7C17hF%2BKeELLhGfGa4d%2FzNiElJMGiNaEtB0cJwRn4VJHsCaHAyRnW7DzNzVUImVuKd8VaZ4VUAUWDJFB4YsO%2B1OUVjhfvphWJW0Sjwz7J2F2M7"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8032bf003acb373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid-request
onetag-sys.com/ 		15 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fe91d8cbdda71fc208e75bb9dfb9cd93.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe91d8cbdda71fc208e75bb9dfb9cd93.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
21519ccfe0562dab6ade862000b043394dbf8dbdbdd5aae97083580bb57d2c69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe91d8cbdda71fc208e75bb9dfb9cd93.png
age
3861787
edge-cache-tag
338727417614195939060249909528942215183,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
338727417614195939060249909528942215183,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
267
expiration
expiry-date="Tue, 15 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
77234
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000032-IAD, cache-iad-kcgs7200057-IAD, cache-lax10625-LGB, cache-iad-kcgs7200164-IAD, cache-fra-eddf8230073-FRA
last-modified
Sat, 15 Jul 2023 11:46:52 GMT
server
nginx
x-timer
S1694129495.043137,VS0,VE1
etag
"9d36e1067b0ce85dc936db1f2cb39a57"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 92, 1
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 22:14:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 23:31:35 GMT
spa-detector.20230905-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230905-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e016d3df93459256a6fe9e8138adba21bfba1589672c6149fb5bbde470580c20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
KEGvtegWzhSmJ0zyOWVzsjMEuOiRrSzx
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:35 GMT
x-amz-request-id
5Z1CHXFC88GT13TW
age
116258
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
1R6YEO9Myr91tXufEJQPPNQ2KLQnJQ8K96AKA2aZIoxRcffRrKxm7cTEbrWPZe7wMn0nAh2HBz4=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:13:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1694129495.056234,VS0,VE0
etag
"f7cc4f6d837535cfe5c09f38624a17a0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
44
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15506
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=c1be8fbdec056c7593df1fba32f3ac36&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A31%3A35.032&id=3276&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=c1be8fbdec056c7593df1fba32f3ac36&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1694129495033%7D&tim=01%3A31%3A35.033&id=4555&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=c1be8fbdec056c7593df1fba32f3ac36&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A31%3A35.036&id=5605&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi48=12611&tvi50=9058&lti=deflated&ri=c1be8fbdec056c7593df1fba32f3ac36&sd=v2_4729d244b5ea565e5994e609b32dd1a6_dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6_1694129494_1694129494_CNawjgYQ2YJdGLix8o-nMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABom4_D7OWo_MhscAA&ui=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&pi=/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&wi=7032255990200749062&pt=text&vi=1694129494200&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1694129495039%7D&tim=01%3A31%3A35.039&id=1876&llvl=2&cv=20230905-4-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.09990603607260029&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.9198856929090131&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
view
securepubads.g.doubleclick.net/pcs/ Frame E9A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6jyNFqtD8NXFC8QKhtlstLDs3ry5oYGEUooH9NxXHvexpAQLXXYKk4STE3eL0RYLEIHAgp9r5OYWdVfYarObgXe1sYD6T_JXIr5dUrMJxDvTAlJgZVVrd4NBylrGm-bTYBbIgUX3kYZFVIPHvKSStmBjR9d4qHwozbK4Y4TR9NdUGKXB3X2vyE2jC4CS5w5BxrxyEek7qBuQpDzKvtP63jWEQKuzazJoYgMfiyx45pRGv2nFEFwto8q_DXG0b3_EOb9fHOoIjkipdix-rn9JPuDbb3jmq4tSuc2jUUKPrdmJOXeMUjv7XkXO0hPtZ9lqpVHUj&sai=AMfl-YRE6AueNNv4lqCZmAHszcsWYKmx5dKUi0n0Wv3KelJ6FK4Hsf0Far-UYNgIFSNtYfJib3oRIFR2QczQAdyooB7E2hcZvXh0VA7MfvcBppDS3pECzoT8tC1iFSi9dxF1eH6BjL59wi_35ARr7gQ&sig=Cg0ArKJSzN8joOo3iQZLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Sep 2023 23:31:35 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
last-modified
Fri, 18 Aug 2023 14:03:06 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64df7a1a-66bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 08 Sep 2023 00:31:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E9A7 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:35 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&rid=esp&cc=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
358f7440b9173bc11ae41208ecef4414a4f0e9c2a9476668171727bf619801ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-y+uaKl+d7qmKnsRYunCM6h76Gxs"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.bg3.co
location
/esp?url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 23:31:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 4F20 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:34 GMT
server
Kestrel
server-processing-duration-in-ticks
276978
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
container.html
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF0B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:34 GMT
expires
Fri, 06 Sep 2024 23:31:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012308242321000/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:40 GMT
age
193495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32129
x-xss-protection
0
server
sffe
etag
"d5ab003501cb3fb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:40 GMT
nameframe.html
d-1986575664913338571.ampproject.net/2308242321000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-1986575664913338571.ampproject.net/2308242321000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
adreq
ads.servenobid.com/ 		721 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10114
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f9595e3aa6b60c1fc36a8494200ea88afd505428539868293a6793d13fc80ad

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
52 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
3
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.200.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6cfcd73faecf75e14b42ceb90b336429b58eea341602fc6da36f4f6670c0e8de

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 07 Sep 2023 23:31:35 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 23:31:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bid-request
a.teads.tv/hb/ 		16 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 07 Sep 2023 23:31:35 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		173 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
2ea816697c59eb2a705dd2a0d1a768eef5a2ee301be963fd835a18f7d9f2ceb3

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.128.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=2&alt_size_ids=1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=7bd48add-9931-4c91-b933-dfebe99b45d2%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E5%9C%A8%E5%AE%B6%E6%93%81%E6%8A%B1%E9%99%8C%E7%94%9F%E4%BA%BA%E5%B9%B4%E8%B3%BA170%E8%90%AC%E9%87%91%E9%AB%AE%E5%A6%B9%E8%B4%8A%E3%80%8C%E5%AE%8C%E7%BE%8E%E5%B7%A5%E4%BD%9C%E3%80%8D%E5%82%B3%E9%81%9E%E7%8D%A8%E7%89%B9%E8%83%BD%E9%87%8F&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=fa87435c-bd25-4794-b580-d636d4139a6c&l_pb_bid_id=655e900ca4dd65b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fa87435c-bd25-4794-b580-d636d4139a6c&rp_maxbids=1&slots=1&rand=0.9772559667052272
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c3b470e24e920efb25660416e20862c20d4df90f16b45bf3404cadf395724269

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
d210c1e42e4c70a5084e5ffd2c4c8cee40d462c233e2e78ab909f594aa5350f0

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vary
Origin
prebid
prebid.media.net/rtb/ 		2 KB
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
66b5096346094807a758c1a3405d05a9d96ce93ac76d201d7028d0a4121bb233

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 07 Sep 2023 23:31:35 GMT
auction
tlx.3lift.com/header/ 		19 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.194.149.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-149-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
x-auction-status
29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=99594937996&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
45374cef866649e18d61776a69762db195b302284c67be04c874359fa8967345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 23:31:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751713ddeb5b0f39cdae9ac0d8784fd2287a8777acd9d212ee79968c17aa6dde

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqnYlXcUxE%2FFZ3qpzAyz8b3Uodq4aNQNysoZWtyjLSKw6PJfcbtBsQZuE6hiiA9bfNK3TjfFsDpZxoG0T%2B3bSXm6tgMPgfMI1UtvCBh5SsbfgcYIWrAXH3s8X4%2BuvZ%2BM6ZBWKYM%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8032bf014baa373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751713ddeb5b0f39cdae9ac0d8784fd2287a8777acd9d212ee79968c17aa6dde

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2FoIBgiVUXg3RTh%2BX9ICXHHNo8sAXrEipFX%2FiE3%2FxNcC6TrX3MBkyM0I2X1zC4BoMoxq52NrP08ZPIUj3vV28Yw10UvyERiw8y4X4Z2Oe95iMEhbu99DjKAH6NaquRfFbc80BEZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8032bf014bae373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751713ddeb5b0f39cdae9ac0d8784fd2287a8777acd9d212ee79968c17aa6dde

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzczzZSf2gBzYTErlmBhha4im2bZ3VBVF6HUsSKrW0eknSEJgPnJEeT9bxds0GzC0%2BHWjCDerEVhLqNrxKu%2F%2F%2FfshWtBIIQCaSHqA7DOPu4n3SpMnVzMaIcJh1QhLs4bmJpyGLYX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8032bf014baf373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid-request
onetag-sys.com/ 		15 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8032bf014af518d6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9327a76a2b72156aab87830e2fc6dd2ec695f4e1a7fb51fa22548226129c1141
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
an-x-request-uuid
058223a5-2ab0-42a5-9cfe-78c06e4121e7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS96YWktamlhLXlvbmctYmFvLW1vLXNoZW5nLXJlbi1uaWFuLXpodWFuLTE3MG1vLWppbi1mYS1tZWktemFuLXdhbi1tZWktZ29uZy16dW8tY2h1YW4tZGktZHUtdGUtbmVuZy1saWFuZy5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtMmZjZThmNzQtYzk4MS00ZGVhLWEyZDYtMDFiYTQ2MGNhYzgyIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiIxYWViMWE2Mi0yMThiLTRmNTEtODU1Yy1jYWU3Nzk3YTMzNTMiLCJ0aW1lT2ZBdWN0aW9uIjoxNjk0MTI5NDk0OTcwLCJiaWRzIjpbeyJjcG0iOjAuMDMsImFkSWQiOiI4OWQxNTBhZmFiMTZhY2EiLCJvcmlnaW5hbENwbSI6MC4wMywiYmlkZGVyIjoiaXgiLCJyZXZlbnVlIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5NywiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MjM1LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDEyOTQ5NTI0OH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJpeCIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiODlkMTUwYWZhYjE2YWNhIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDAyOTk5OTk5OTk5OTk5OTk5N31dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3300.3999996185303
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:17:21 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
859
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
dTNR-94MlBEj12IHhfh9FERZmBGF3dRtjUzq23IRwwcJgucTfKpHXw==
sid
mug.criteo.com/ Frame 4F20
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=bg3.co&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=54cpVnxMSTFrQzhldDJraGEyaGp4SGxrYXkyUEgybVdtbm8zRit6dXM1bnZ4MHlnZ2VHS0VjTzJDaldQN0lTM0xTdHRhaXZJUFZ1aWxRb2JreklQSy9WR2VIRjdETjBhWmw1dXZrakpGTGl0SFVIUW50dHVpemJQWUF5Uk...
425 B
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=54cpVnxMSTFrQzhldDJraGEyaGp4SGxrYXkyUEgybVdtbm8zRit6dXM1bnZ4MHlnZ2VHS0VjTzJDaldQN0lTM0xTdHRhaXZJUFZ1aWxRb2JreklQSy9WR2VIRjdETjBhWmw1dXZrakpGTGl0SFVIUW50dHVpemJQWUF5Uk52NUVhamtWNG9JWVhtVmtxNzN6REtuM1NXYS8rMTdJWFljOXpDWnFiVkV2TVJsUW1KZlJPZEpEcDRYS203SmZqZ2xicmdackNyNEVrWWM3djZ2UGt5dEhkcFJPSXZjYVpHK05RbVFYQzVNY21MWUZDM2VMMGxsR01kZjNDUVo2Y1FRenF2aXNML1M4bnp6bWhtTjdndUthS0ZQbGVGUT09fA&cppv=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9c556047adff7d1633b7c2c6167eb1bda53040945c844941156248ece8d3996e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1116646
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=54cpVnxMSTFrQzhldDJraGEyaGp4SGxrYXkyUEgybVdtbm8zRit6dXM1bnZ4MHlnZ2VHS0VjTzJDaldQN0lTM0xTdHRhaXZJUFZ1aWxRb2JreklQSy9WR2VIRjdETjBhWmw1dXZrakpGTGl0SFVIUW50dHVpemJQWUF5Uk52NUVhamtWNG9JWVhtVmtxNzN6REtuM1NXYS8rMTdJWFljOXpDWnFiVkV2TVJsUW1KZlJPZEpEcDRYS203SmZqZ2xicmdackNyNEVrWWM3djZ2UGt5dEhkcFJPSXZjYVpHK05RbVFYQzVNY21MWUZDM2VMMGxsR01kZjNDUVo2Y1FRenF2aXNML1M4bnp6bWhtTjdndUthS0ZQbGVGUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
236963
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4347454479485159&correlator=1329686256585833&eid=31076406%2C31076408%2C20222282&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&arp=1&abxe=1&dt=1694129495303&lmt=1694122295&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=2097357468.1694129495&ga_sid=1694129495&ga_hid=686803797&ga_fc=false&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&dlt=1694129494025&idt=666&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_16_0%26cluster_reporting%3Dchrome_DESKTOP_16_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.03%26hb_ap_adid%3D89d150afab16aca%26hb_ap_bidder%3Dix%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_e%26faid%3Dfalse&adks=3805778231&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6efc7293aa79688be8380e99578521f8de14714b6390605b33a2a829bf09abb
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLnCmJbUmYEDFYOg_QcdWrEPLg&gqi=&layout=/sadbundle/%24csp%253Der3%24/15131076705394902309/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLnCmJbUmYEDFYOg_QcdWrEPLg&gqi=&layout=/sadbundle/%24csp%253Der3%24/15131076705394902309/index.html
date
Thu, 07 Sep 2023 23:31:35 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51241
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E9A7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13145054ee259cef974c0ac8e763233d340561960537be935b505ec2abdadc49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E9A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL5BQIxuU-7u6D1bQP2ZXGNGYakItDqV8OemDNmSMmURI5iTv3yjDen3L-pEjX5OZfeKLjm9OYVpKUSyi-Ofkr8wUqjDj_DpGFRz5FlAYz3TfwXj0YTGpT3xQLe5Rnd_tRhRayD_V3dvieydl6WFEh4KpDsTuKd_b8obBihizsJ31gzsvKe0bOUg5nZn4F2kIvHvRkce4Sr1BYWJt_-JSFnPEiQUCehgXgV6WoPZ22f3IFvFRzrnf5o2Y2_wMrDdoZB2k--iaJ2eV15VyIYQShcH5lhN-wnoiQif6kOjCpEeoFonylDk8mIegjv-B6nE1R8WiepY0&sai=AMfl-YRsdvr0qKiBXF-yLugFpTeAux1i5fGUeReUqoPslJ8eYJF9TbILCLml4X7l2V1NWlFE00F5LrcDDWyE9PVvkbFDtHLm9L3d32fhfr5tpbWwW5RfA6tnB12DBeDUTqbtS30p7HxKKw2ghrG2Qmc&sig=Cg0ArKJSzEcwets5bIdeEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Sep 2023 23:31:35 GMT
css2
fonts.googleapis.com/ Frame EF0B 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 22:10:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 23:31:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FB22 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY1dfx9AEwAQ&v=APEucNVMJ_bSGBDyJoj8nmKhJdtxsvhXmRGY15kWHH4FFIgjUJ37m9hwA1LiWiuCEuoRVXggOyknYDoHfmoSAbfbfr7AX6TvR4_BWvHY8hYdynLiTzlNdwrGVie9PZu4GH3gVK3P8pb0SoEJOCLPcSEHeaF7Ru-Xoq1XWUJMmXTbX0wRem6gg8kwAcfEfsBbxYWj4biSTNBKAItJM_Uq-YXGDc-K3wgElQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 07CF 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 07CF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33975
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 07CF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33975
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 07CF 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07CF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CKw9nVfjjH9lsN2z3wqN_qKGRfS-PGcI0c_ZcIVxFX9m9kcev994HSgVbyVgVita_8vIJ1nHvqVSam45xiO0jkudSZrGqVthQZTqTDyEznu7qi1-o
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07CF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11128412956603081628&x=1&ct=76
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame EF0B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:08:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
33786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8566
x-xss-protection
0
server
cafe
etag
5625731030761120726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:08:29 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 2CAB 		714 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
5368
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8032bf0219a89244-FRA
content-encoding
br
content-type
text/html
date
Thu, 07 Sep 2023 23:31:35 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBXRI4h3kAbgg%2Bjyaq%2BXGiY0RelkEA5YMw%2B2Vvi06mdvHTyfMTHGLxW4437dgTeCOvGiIqrHOtOZZBhQuylbBN1y2GH2MARWAWBZBV73pdaoqXzuQ1c3h2ZMn%2BkDeGQZ7U%2BKg2lYIfjxdN7TPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5DE6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 23:31:35 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Sep 2023 23:31:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Thu, 07 Sep 2023 23:31:35 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
impress
ad.vidverto.io/delivery/ 		54 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&referrer=&async=1&uid=5052698568&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b0f780d05f1b7c9c3252d8f51a6a3cbd68024f21f5cda25d2ab072b632c3b43e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
st
imprammp.taboola.com/ Frame 561D 		422 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&cmcv=&pix=undefined&cb=1694129495385&uv=3334&tms=1694129495385&abt=adxLoadDist5-out_vF!nonrv_vA!t45!testmsn_vB!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=131faca3-f1f8-4fe1-9546-25cb4deee670&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1677c99fd5ad242c20e424a39aa36f878c209f41e929062741d44e01d855f00b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 23:31:35 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230073-FRA
x-timer
S1694129495.393750,VS0,VE10
sync
am-match.taboola.com/ Frame F5B7 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1677c99fd5ad242c20e424a39aa36f878c209f41e929062741d44e01d855f00b

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 23:31:35 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694129495390&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1548&pt=-1671973277&tz=120&viewable=true&ddast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vF!nonrv_vA!t45!testmsn_vB!ufm_vD!ufrlt_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
21691b08b99d19871b8fd7eea6da00c94347b9dac763480b810abefc35f6a474

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1430
x-cache
MISS
x-served-by
cache-fra-eddf8230073-FRA
pragma
no-cache
server
nginx
x-timer
S1694129495.399032,VS0,VE46
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&cmcv=&pix=31589837&cb=1694129495385&uv=3334&tms=1694129495385&abt=adxLoadDist5-out_vF!nonrv_vA!t45!testmsn_vB!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1694129491966.5!ts:1694129495385&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-length
0
server
nginx
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A35.393&type=usage&msg=New_CTA-event-1694129495393&llvl=2&id=3246&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~7665703039776441071~~8vYP-svLX4519%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14594
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=01%3A31%3A35.393&type=usage&msg=New_CTA-event-1694129495393&llvl=2&id=5581&cv=20230905-4-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22filter-next_up%22%2C%22itemId%22%3A%22~~V1~~7665703039776441071~~8vYP-svLX4519%22%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14594
5d2a0e7b082804e38669bca08971b645.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d2a0e7b082804e38669bca08971b645.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
537d58d06cdb948ddbed0541b769fab7e240bf3a3f8aeff4d199d3bd26a0b91f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d2a0e7b082804e38669bca08971b645.jpg
age
110968
edge-cache-tag
384476866843345985888517940921967803307,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
384476866843345985888517940921967803307,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1088
content-length
6822
x-request-id
5eacb4149c21505a4de2235df39e1cad
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100095-IAD, cache-iad-kjyo7100118-IAD, cache-iad-kiad7000053-IAD, cache-fra-eddf8230073-FRA
last-modified
Wed, 06 Sep 2023 15:11:34 GMT
server
nginx
x-timer
S1694129495.406245,VS0,VE1
etag
"501eefc2b4afb448aca00b41f0a81916"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 8, 1
d57cb077-e4d4-4a14-8cb1-4c4ee2f77386__NKRwumJP.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d57cb077-e4d4-4a14-8cb1-4c4ee2f77386__NKRwumJP.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7605b3f82549b5a4fde77fde2ae25e475377631a74efa4b6cae48e927b0d83c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/d57cb077-e4d4-4a14-8cb1-4c4ee2f77386__NKRwumJP.jpg
age
441922
edge-cache-tag
468998993225076219641510640494932664770,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
468998993225076219641510640494932664770,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
227
req-referer
https://eachtechs.com/
content-length
10414
x-request-id
a334ec6ce343c2aadabc06a82735520c
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200137-IAD, cache-iad-kcgs7200067-IAD, cache-sna10735-LGB, cache-iad-kcgs7200146-IAD, cache-fra-eddf8230073-FRA
last-modified
Fri, 01 Sep 2023 07:37:02 GMT
server
nginx
x-timer
S1694129495.406325,VS0,VE1
etag
"3c9df1ec7862b3b8ddd6788507e4cc08"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 0, 1
64354dadcbcf6ca283af852d28603a1a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64354dadcbcf6ca283af852d28603a1a.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
da30704f42357c94856428934e7e8e95fc2f44e13c1c2afa2bded802c55e9271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64354dadcbcf6ca283af852d28603a1a.jpg
age
2006044
edge-cache-tag
513811410939988139387897735825378005482,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
513811410939988139387897735825378005482,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
552
req-referer
https://www.stiripesurse.ro/
content-length
7752
x-request-id
e0d3e8532429447a616ab4b102586ede
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200048-IAD, cache-iad-kjyo7100109-IAD, cache-sna10726-LGB, cache-iad-kcgs7200109-IAD, cache-fra-eddf8230073-FRA
last-modified
Fri, 11 Aug 2023 20:06:20 GMT
server
nginx
x-timer
S1694129495.406428,VS0,VE1
etag
"d65da136a58deb9f946a4f58315d6ebf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 1
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS96YWktamlhLXlvbmctYmFvLW1vLXNoZW5nLXJlbi1uaWFuLXpodWFuLTE3MG1vLWppbi1mYS1tZWktemFuLXdhbi1tZWktZ29uZy16dW8tY2h1YW4tZGktZHUtdGUtbmVuZy1saWFuZy5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtMmZjZThmNzQtYzk4MS00ZGVhLWEyZDYtMDFiYTQ2MGNhYzgyIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6ImNjZDk0NWI4LTQ4Y2MtNGIwMS1iYjliLTA4ZTc3ODE0MjU3YiIsInRpbWVPZkF1Y3Rpb24iOjE2OTQxMjk0OTUwMjcsImJpZHMiOlt7ImNwbSI6MC4wMzI1NTIxMDA3MTgwMjEzOSwiYWRJZCI6IjkwNzQ4MzJhMzhhOGIzZiIsIm9yaWdpbmFsQ3BtIjowLjAzMjU1MjEwMDcxODAyMTM5LCJiaWRkZXIiOiJjcml0ZW8iLCJyZXZlbnVlIjowLjAwMDAzMjU1MjEwMDcxODAyMTM5NiwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTMwLCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDEyOTQ5NTM3Mn0seyJjcG0iOjAuMDEsImFkSWQiOiI5MTM3MDQyNWJmNjIxMDYiLCJvcmlnaW5hbENwbSI6MC4wMSwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjE1OCwidGltZU9mQmlkUmVjZWl2ZWQiOjE2OTQxMjk0OTUzOTV9LHsiY3BtIjowLjA2ODU0LCJhZElkIjoiOTI4NWYxZjlhOTQ1Y2Y4Iiwib3JpZ2luYWxDcG0iOjAuMDY4NTQsImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAwNjg1NCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6MTc4LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTY5NDEyOTQ5NTQyNH1dLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJyZXF1ZXN0ZWRGb3JtYXRzIjpbImRpc3BsYXkiLCJ2aWRlbyIsIm5hdGl2ZSJdLCJwcmViaWRXaW5uZXIiOiJhcHBuZXh1cyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiOTI4NWYxZjlhOTQ1Y2Y4IiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA2ODU0fV0sImNvdW50cnkiOiJDSCJ9&c_b=3460.8999996185303
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2CAB 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9d5fa4f593a0af41ecef37a393b5d14e1e0efce57c2b2f6ab885d30bce1e179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29031
x-xss-protection
0
server
cafe
etag
850 / 19607 / m202308310101 / config-hash: 6691085259580024239
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:35 GMT
generic
match.adsrvr.org/track/cmf/ Frame 561D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&cmcv=&pix=undefined&cb=1694129495385&uv=3334&tms=1694129495385&abt=adxLoadDist5-out_vF!nonrv_vA!t45!testmsn_vB!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=131faca3-f1f8-4fe1-9546-25cb4deee670&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 561D 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&cmcv=&pix=undefined&cb=1694129495385&uv=3334&tms=1694129495385&abt=adxLoadDist5-out_vF!nonrv_vA!t45!testmsn_vB!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=131faca3-f1f8-4fe1-9546-25cb4deee670&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:316a:16ef:4691:e00e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 561D 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&cmcv=&pix=undefined&cb=1694129495385&uv=3334&tms=1694129495385&abt=adxLoadDist5-out_vF!nonrv_vA!t45!testmsn_vB!ufm_vD!ufrlt_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=131faca3-f1f8-4fe1-9546-25cb4deee670&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame F5B7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6
pr-bh.ybp.yahoo.com/sync/taboola/ Frame F5B7 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:316a:16ef:4691:e00e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame F5B7 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame CB6F 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b2fb11815c5444932aa8b5d0478e62b2261712dfe45f93e1ce546c4f8b7033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7909
x-xss-protection
0
server
cafe
etag
9474200809355355654
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:35 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4347454479485159&correlator=3313594648291180&eid=31076406%2C31076408%2C20222282&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&arp=1&abxe=1&dt=1694129495463&lmt=1694122295&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=2097357468.1694129495&ga_sid=1694129495&ga_hid=686803797&ga_fc=false&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&dlt=1694129494025&idt=666&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dcontrol_bp_0%26vacant_RCA%3DC_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_16_0%26cluster_reporting%3Dchrome_DESKTOP_16_1_active_0%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.06%26hb_ap_adid%3D9285f1f9a945cf8%26hb_ap_bidder%3Dappnexus%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26deduct_ad_fee%3Dfalse%26adro%3Dv5_e%26faid%3Dfalse&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9390e1e88f89bc0da04f7470af886eebe18369d60fcba68bd9776eabb857b724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13925
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=28266350;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html;uh=e51ed67df...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=28266350;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1570509759-1694129495285;pbc=7bd48add-9931-4c91-b933-dfebe99b45d2;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1694129495480;tzo=-120;ogl=;ses=b6451ed5-8542-4b37-9bcf-862568333b55;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame AF02 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3216e63497554ee61f387175cc33f2893c79366810e4e537303c60b55799634f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7896
x-xss-protection
0
server
cafe
etag
1047269166762663834
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:35 GMT
/
onetag-sys.com/usync/ Frame BA24 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
moxplayer.css
ad.vidverto.io/js/moxplayer/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-cbf7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 08 Sep 2023 00:31:35 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		358 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13c151da3c1ba1beea84e45b9a7f92f2b553c26c07615626a55745d5595cd42f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126089
x-xss-protection
0
expires
Thu, 07 Sep 2023 23:31:35 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 08 Sep 2023 00:31:35 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 17:10:25 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6442c381-edf4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 08 Sep 2023 00:31:35 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4dd0d73d5ecadb5b80d3e5a901564b14a90d3436e11f860795ab53098f24b1b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
last-modified
Mon, 28 Aug 2023 12:02:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64ec8cd7-15d84"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 08 Sep 2023 00:31:35 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 08 Sep 2023 00:31:35 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		280 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0eabf223abecabda52f55a16a73a20e2465beacb8811cdb8d129b4e8378937b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
last-modified
Thu, 07 Sep 2023 17:02:00 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"64fa0208-461ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 08 Sep 2023 00:31:35 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3Dd54551e7-fb5e-48ea-80ab-e929c889c9fe%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=d54551e7-fb5e-48ea-80ab-e929c889c9fe&p_id=23
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=d54551e7-fb5e-48ea-80ab-e929c889c9fe&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=d54551e7-fb5e-48ea-80ab-e929c889c9fe&p_id=23
date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=d54551e7-fb5e-48ea-80ab-e929c889c9fe&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=d54551e7-fb5e-48ea-80ab-e929c889c9fe&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=97eea2f0-7093-53fb-bd1b-5e3bd9e10363&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.vidver.to/delivery/v2/sync?userid=37127951-af8f-4ea3-84f4-b623c8bdbfe0&p_id=15
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=37127951-af8f-4ea3-84f4-b623c8bdbfe0&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Server
175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-216.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=37127951-af8f-4ea3-84f4-b623c8bdbfe0&p_id=15
date
Thu, 07 Sep 2023 23:31:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-208.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Thu, 14 Sep 2023 23:31:35 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:49 GMT
age
193486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"13417016125ec007"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:49 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73529
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Sep 2023 03:06:06 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0Jxivdpzd2VomZQd49ciiQXMIpfn5FEto7bMqidMFXXqpqDapBa1n60E%2BTIY23hZikjbJbJjTfMt2QSu%2F%2FlzY6Z5rXADPfETFo0HW%2B4rAm8KLbb9G1umvSVEo6ZOvsjqfIYz%2ByPje71q31MKgnp9ImXlwZkWY2Rag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
8032bf0349f32bf7-FRA
gtag.json
cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/ 		3 KB
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308242321000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Sep 2023 17:46:49 GMT
age
193486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"2053776e7f80c73d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Sep 2024 17:46:49 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_3_4/infra/ 		880 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-mtime
1693922380
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FPEQYM4MR0ZRP5J1
age
206988
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693922381
x-amz-meta-mode
33188
content-length
147123
x-amz-id-2
EBlzWPD6iKqbOB4H1z5wHohK8Wh0TTibYEfCs5fBpD2xxbylSU0TWKUB2Q0mV8JFlBxT6dJUGQc=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Tue, 05 Sep 2023 13:59:42 GMT
server
AmazonS3-br
x-timer
S1694129496.540391,VS0,VE0
etag
"38ea6c5249cc72e909660623b02bf7b8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
193518
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_4/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-mtime
1693922399
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FPEY0CJZ5CP448HD
age
206987
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693922400
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
gVazDaezCRHQYY8kPxJDod2jVIgirHImf1myU/cjbP0xNs8QizH4a+tId0Tt1JKOHSNppWVNwEE=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Tue, 05 Sep 2023 14:00:01 GMT
server
AmazonS3-br
x-timer
S1694129496.540563,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
154731
rum
dsum-sec.casalemedia.com/ Frame FB22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEPLOI9ONInG_XQTkRPYxk&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEPLOI9ONInG_XQTkRPYxk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY1dfx9AEwAQ&v=APEucNVMJ_bSGBDyJoj8nmKhJdtxsvhXmRGY15kWHH4FFIgjUJ37m9hwA1LiWiuCEuoRVXggOyknYDoHfmoSAbfbfr7AX6TvR4_BWvHY8hYdynLiTzlNdwrGVie9PZu4GH3gVK3P8pb0SoEJOCLPcSEHeaF7Ru-Xoq1XWUJMmXTbX0wRem6gg8kwAcfEfsBbxYWj4biSTNBKAItJM_Uq-YXGDc-K3wgElQ
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEUTHpS50OoD4Q8I9JsYZSZ3xImSjdxM2vZbskVyGmk7eGPmAVfeKw%2BKkUn8uqi2n53ts8DVpaOBWdL81wFj72ol9CWd04gsacV1bhTJrMbGbxPGXQ%2BJpG8jw%2B80RZIr77zTCXV9djR2Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8032bf042ebd9b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEPLOI9ONInG_XQTkRPYxk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FB22
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZPpdV4YSjHrx9Y-tzH4ncgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEPLOI9ONInG_XQTkRPYxk&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEPLOI9ONInG_XQTkRPYxk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY1dfx9AEwAQ&v=APEucNVMJ_bSGBDyJoj8nmKhJdtxsvhXmRGY15kWHH4FFIgjUJ37m9hwA1LiWiuCEuoRVXggOyknYDoHfmoSAbfbfr7AX6TvR4_BWvHY8hYdynLiTzlNdwrGVie9PZu4GH3gVK3P8pb0SoEJOCLPcSEHeaF7Ru-Xoq1XWUJMmXTbX0wRem6gg8kwAcfEfsBbxYWj4biSTNBKAItJM_Uq-YXGDc-K3wgElQ
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7jBM6qaz4C1MGFsYF0Q%2BQFNUudXJ21vpXEa5BEgn130UEcfMi1mBsf1Jqd9QfU2LkIMPozxUPO%2BiMCPQvzEWIf4TVW98vSG6PebH8sOA0MPvkVzYqIQlEgTcqZZUwCRvgT4QlzFFEQxIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8032bf07291a9b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEPLOI9ONInG_XQTkRPYxk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FB22
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELKXfQDckiwWbXbjgNkQOsY&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELKXfQDckiwWbXbjgNkQOsY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY1dfx9AEwAQ&v=APEucNVMJ_bSGBDyJoj8nmKhJdtxsvhXmRGY15kWHH4FFIgjUJ37m9hwA1LiWiuCEuoRVXggOyknYDoHfmoSAbfbfr7AX6TvR4_BWvHY8hYdynLiTzlNdwrGVie9PZu4GH3gVK3P8pb0SoEJOCLPcSEHeaF7Ru-Xoq1XWUJMmXTbX0wRem6gg8kwAcfEfsBbxYWj4biSTNBKAItJM_Uq-YXGDc-K3wgElQ
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
an-x-request-uuid
b7ccf928-410f-46c5-ba9a-6f5a45100867
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELKXfQDckiwWbXbjgNkQOsY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FB22
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU3Mjg2MDYyOTY3ODY0MjM3Mg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU3Mjg2MDYyOTY3ODY0MjM3Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY1dfx9AEwAQ&v=APEucNVMJ_bSGBDyJoj8nmKhJdtxsvhXmRGY15kWHH4FFIgjUJ37m9hwA1LiWiuCEuoRVXggOyknYDoHfmoSAbfbfr7AX6TvR4_BWvHY8hYdynLiTzlNdwrGVie9PZu4GH3gVK3P8pb0SoEJOCLPcSEHeaF7Ru-Xoq1XWUJMmXTbX0wRem6gg8kwAcfEfsBbxYWj4biSTNBKAItJM_Uq-YXGDc-K3wgElQ
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
an-x-request-uuid
796196a9-b990-4ada-a372-8889ebb973d1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU3Mjg2MDYyOTY3ODY0MjM3Mg%3D%3D
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5DE6 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 15:55:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58990
Connection
keep-alive
Content-Length
10233
Expires
Fri, 08 Sep 2023 15:54:45 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame BB9F 		0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 07 Sep 2023 23:31:35 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame CB6F 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb0a1661619f113bd81a1d7e90fb225a7816e5ea1af1320b1ef570ce0b776fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50493
x-xss-protection
0
server
cafe
etag
16665412174224030699
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07CF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7189853841633&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07CF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7189853841633&version=m202307240101&ct=76&x=1&cor=11128412956603080000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 07CF 		97 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0-4iiwWi-K515yLrtm66CLQunYFLZ4cPxkq-fjX_mtcetQOVLCCdw9rWISCryUbtZW1y9471Z_Rh6jH5rUWHkWwoBHQ&cry=1&dbm_d=AKAmf-D7dOVkb1WlLW0KPmj6ZKFRJcINCNrakZ4G5PRGmc8TR7sn6uxmmPSsJ1mmh7oQdibnD-_p80L1Yg3j8H1HnNUIF46RTrxc7saSWfBlwuShoSP73AunvMFDSOZXG_92zWbQ4j0adZM4yqvAYxg1T6mhsLOykdXs6cnhgdeKBdSyb3fqULqM3NEPEIeMzipFX99k9JrKLyt2LgK6Ky1iDA7tdpTIt0eQ8sjZwbvf-JtFX9NsQS7Q-kW_HpikqJSPOfB0sFH-q3RYjwlhRuccZJ8ZNbY-PnPuEf4DtpOM9WbCpkxMgYhhWmubdLsRTHyk0OFwKSw1Jwha63MbwH9u_aZJRzXsrV76WIPC-hDt3AbrY1O6AjHijMAMiu6nFb76XeGuyHu1Ooyz023KviE1_PCtpPOqK_52setiOEZy8TyCK5fxLUXG9iMjt36IhMfQrdaKrpW2nWPvExRxmB8R7Z3MnVrQaiQ2dxgZfwg3rwm78-r2IdsTURYbNpYYwtZIHN_3B5nKVs3XlcMZ9mtfWpT9-0RDKcalH7KznYDQT9oeuJ_9mAATN0acvvtu0SlMB3CT4APyB9_q6_D3WIdqSD1mJJqINzhTX8rzRzQjN6UW1u8m6QIJOzRSQQlJDmNjkUAJUkVT1hRNEpy4QM0GX7Pqo5dlr8Y_9HOT_sgYWVjZmICkTUsKL6qY_0CM7jCXO-oFMTk7AS9Lbcc7lyQditaNeFPykUKyzFHxT28LA0n9vxcqpOIHsHT1D-CM6VraEmW-ygqBvird0LfpxKHEImLxFIGcHRYN6eoMv325KKTgW0DnWd__zzRdXdDce84VLxhB2fYWeBdtSuyrVM3upqb3oebnWkMOGXgzLIXXQ5cQldtXxQpMCz-dVtMEJejSEnr3ekja-cd8R8VT_K_ZBZeHj_zSwTQJMP3HoFvKCvhvx9LvR90nDSsQ_LvOHPfd1CzxKdVUdfZ6I2cKlcRb-EYXfKoYsuBU19Lmi72-DDdFnF5kSwia4klkG2aXIu9Ew8ldu_zezKH9dPvwG119PVA9BiJ_XA0SGf3VO--iQo_bCHKjpl0fo9xggku1n6Nwj9y0njMe3Izru7BK6TCEvhm7WQTfwlK6k6ZjiQWeZDJ_Y-KVcD3nLWgQxmk-PVMZmE6nZtoh5Vb-VQJxZVXGu3O2RRuvYVt7b2GKzWsUMSEnpcOeISa43HonpQaClwnoSH7bjnMPhI8bmxM76RdWbOnA1nXpgd6slvUDIXpDaVXpugb4LuI2nFWXo7r82wQYth1AruvRsyMaUJdA25gEBtmKMspq9y4kVwbqDb_gk7drUtGnsdrQBCWZHeg_gxQReFH7KsLSpCM13pqf0xN7KMEoEjevjoY9ztGfrpONnQD2OtXXSJ6ZDDnY2X9s_bij4VqBf_ftyhQft-oB7I9BkSR7tzBp0VZaBmF-hoWNuR0dktmkz3SPCL_umv7LWvuJG_lnMYIv1IO7rwc5jNTlGqADkKagiPtBneFqAp0xCuERgKINsi3aDrxv-CPfSKtJa_R0aKolHjTmRlZ87EM-SlVeO3lGokCTYMu7W-WICv1yd4WPXGj0cDsJmZyzeufnPqWbpkOLYUljtAQQoXvzENXfFUEpYMRl19kvsF4AxX2z1JeTZAQd6NIM_C7h35-qUiFa3f6RVcLKs6TZnu1vmS9uXWbMvw90Z0OYPuZ7ZhYr065sc5DhXqhLnIg4b6XwTKZiYfZiP0qzQPRYjrrBGuHSAQFo-fAxI18l3ZfLqBv_T9c7Z9vqw_ZkLS-zrK6vtp7F5Xvi6Gr45usiiu226duP265rvaLGx-fMeNnRsJj39uoqgbgt9tfA-iDBApAeHxhzqfLid7tp9dns-oYHdLvgbmj81frEmpLgCvWJy7xaBwKLXX7tPi2xBpfVMutlfgQXRwLJLcJVbHutBDNFzzImscerXxsmMTFUj4NisIWftKNzrxMwQL_WFE6enCutKSfOTKNy0hOyqkg_9v-5jKE7qFp_CBU7u5yGD0TI5S-2eWPamlSf82jDbisA6vLN-BjBVh30fZI0bdI7S2sAwOUanZgRfqedp6NtyFw20nOuyx0oQxHaK0U3dbZtj2GD3L4YTKVQjM1wXKy8x3V_3sKwj9RT5ehFT9e3LBH1Cc-OydeggcCW0xQyMlLkNa0wIW_7qJoop1Yk8kvDPLvXagVEpKjnlvjGrX6HzOBG9UJBIMDJVSnu_oPnfdSsHmm0hNWMGi5odhH4eFWP9wWIs4iL_ZrEORtWpCSHt_5Xoix6wtg2XLsAgFJKB_hRm1ai6SY7dtXYrmDjq8esFy52IjrpXovtashok1fD9wSDmOVTRpf1_55PFaZeG225yvsRhj86I_dHw0RNcL29Dm_8rJzWc_QLMDUURohzwFNmNJRF1CE2l9eBgtskNIMMJiCd4vrSq2ENcBal9MWdkYlD2OP6gqC8lzTEDHIxNpkVzkEg_zraZWuz6msqeT6-uxeTrvYZn87EFBkL9sXWchgOMf2i2uybhYLur1PeocjZP3izecbnrB0RVhoZR_vNoxxX2RTPpMG_6if71_jM94f2Lz7Ca2rpHhIOF_zmAlbzTGhWRAkwH0i8ZF5uLvO0bB9zZsziP7_hOgIOx8bLn4F7WtWgep46GmQV5eueUEd1L-srhKwpaTd48rSHspB9vogdor3MU5jLVPEXxAiFjP51Tq2aV_UyZ5PtoXHjn4Xkn5Jy10616c-gEEBbC1AZdp-7czoismp06W_LxMmJqd3Nn7B0MdJ8KqdZhY3mUeY5ZUjXgaAb3jVUZNy1cTOI5PrBGTF5mK2KxZdFK3vIxf5iGD_gVZPNZvkLXhDwbIoNmJbuRvKsbAJJyok2rTdW-AIVY-4mtpDTjVdD6VG7PUr1EagOye3RsMBtmk-HS-gt06LM0HQdg7XaRnERJcsw4kWIo7njlsyduVNuxwjfUPBPK68C1ji6UZ6e4UivVOJjvv7tGW6MRa-tfj55vpq9Oy95ZXK9QEkYqRgdU6pOM5wtKFIQs9KCeqOl0kxeEWSAU80nok7Yxfat_k8o66FlNJEENa4W0k1WR4Y0D3dCrfrU-chSOKhOPdtSq38HWTyzsmYY1EX_e1Jhajqb_ba9T8WXOEBZsCW8aEIXfJrt_RPTeVBPe3BbH5SwHdqowyrGDB7TSnSq0MK9R0bP3ajGN4HBh9_kkW0iISfspsRfXSn-CMS1yHfm5jB4Q1B11o7ebzKv4iW6r5iM1LaVwieLRoBvTYUSzWGt2uThnNA7sUPlNR2FVyhBMyeXqyVMMNuGjPqW3JmmWNklTH_y6gEn113J0Mmg5JlsH-xNMf6b0qWpNqArsEcwS4nzyDQ_CaZEYe6ZSzoY5iUqjoCmcABnC1_lJGdwHhkuCI0hkjkhNoVyQ4mXFRbQJ_g2RivcyHSAb7AkkYYuvlR5KM-nNG9p2Z6UHmKGhl19VkERtjM_Kgayl37AL-KmW66Zg8AsFmVAZXLFP6yHJQP1Eo-WryE29KAGmGtEQ5AS8BnSQ9OQVhcGMX3nAdjpOWqBhiAmW7qd3-MEFtlRIngXCmUFqnuPoPIJnqo4RHx1U8PUE0x5t801UmoIUIrmD3Y44p_ElhDqzJlPefrQx6NSlGVx1Dd3GG802yyCws_5ZCfgucGbx3a5K66LbU_YmjQAYntWTho1CGvgtiRr-ak9RJmZ6satso4HSx2_sPdh8dRwItlmka-nOp35J9HvbJp2U_oQurCRrc7EdJxm8u8B5bD3EhzLG9foc5Zftue86yY88VeGpGwXL5UN8t6aLIUQcWuvqwjKHPWJVLxZMbFRO0umIfjPFnxbcaG0OLXKwrZ1fYUeKfNkmEO9N4RVZnVeI3--5Ooi2P0DTXGfdq0oeY1b5XsO3TogjZz4aGtJq_uVJtJLTVycZOU3DSuQJH2cI7meG2iTWhnO21a388A&cid=CAQSSwBpAlJWr9UW0V5bNKXgx0zMDWQCIg1g1yzk-qzupp8p6y1rmLZUKSA8p0OSao7SBWtcKFmk3uYP8qt-WFKrnRmymbLdrjy5B6v7IBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=11128412956603080000&adk=1877897943&idt=117&cac=0&dtd=33
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a61b789d05893d4667d3b5872e4034e5fa751f7b78aa54ba6f9b986d5efc8445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40536
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=12611&tvi50=9058&route=AM%3AAM%3AV&lti=deflated&bulkSize=20
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
8272
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230073-FRA
pragma
no-cache
server
nginx
x-timer
S1694129496.683251,VS0,VE12
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ Frame 2CAB 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 17:42:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
20949
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Sep 2024 17:42:26 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 5DE6 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM9SYKHD-T-IVD0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame AF02 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb36969ede7ffc5ea92b56a7aaf258231b1291c5edfa452c631dbe0634f802f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50493
x-xss-protection
0
server
cafe
etag
4360384864668542164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:35 GMT
amp
www.googletagmanager.com/gtag/ 		684 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1904364
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1694129496.781310,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
18092
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/ 		448 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-meta-mtime
1693904460
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HYK8AJ9H52WB6KA4
age
224986
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693904472
x-amz-meta-mode
33188
content-length
86274
x-amz-id-2
t1lNyGed3NAQ57eXbmNV3qVCMiGjwwYQ92oCZvFfitu9WKbobo/2tqpNuGO2BTlGE6TqMOiZWNA=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Tue, 05 Sep 2023 09:01:13 GMT
server
AmazonS3-br
x-timer
S1694129496.804698,VS0,VE0
etag
"e792bcdfdedece52c8d382e55db7d6bd"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
198310
sync
am-match.taboola.com/ Frame 6776 		439 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0fe2b906c42023a02cb9c0dca7cec8a4169930a7b602e206c204af65c8c53b3d

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 23:31:35 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&cmcv=&pix=31579697&cb=1694129495805&uv=3334&tms=1694129495805&su=3&abt=adxLoadDist5-out_vF!nonrv_vA!t45!testmsn_vB!ufm_vG!ufrlt_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
content-length
0
server
nginx
container.html
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F87C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:34 GMT
expires
Fri, 06 Sep 2024 23:31:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 07 Sep 2023 23:31:35 GMT
via
1.1 a6e32bd914015b20776b115cfb4ba692.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MRS52-C1
age
1371755
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1694129496.917151,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
IIclY0Hd02bh9imcq0tMJSCTDo5LewOaeFyq25cNLCQUuYWH0yvLeA==
x-cache-hits
89525
tap.php
pixel.rubiconproject.com/ Frame 5DE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJO6EDZOzO49VKAFzJ_iIxI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJO6EDZOzO49VKAFzJ_iIxI&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJO6EDZOzO49VKAFzJ_iIxI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5DE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE05U1lLSEQtVC1JVkQw
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOyC5oDAaAX88oLFHyLOVvo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05U1lLSEQtVC1JVkQw&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05U1lLSEQtVC1JVkQw&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE05U1lLSEQtVC1JVkQw&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 5DE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/GmY1Wf2mrIp6IrtiBeYJWg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VtRww71E2oKsAs5GldD.rs0KNCoNy.yJE9musQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VtRww71E2oKsAs5GldD.rs0KNCoNy.yJE9musQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 07 Sep 2023 23:31:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VtRww71E2oKsAs5GldD.rs0KNCoNy.yJE9musQ--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 5DE6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5DE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhjMTViMWZkOThiNWQwYzNlNTMxMWM4NDU1NzYzMDQyZjFlMjk4YQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhjMTViMWZkOThiNWQwYzNlNTMxMWM4NDU1NzYzMDQyZjFlMjk4YQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDhjMTViMWZkOThiNWQwYzNlNTMxMWM4NDU1NzYzMDQyZjFlMjk4YQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5DE6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DOo797J-RJ6r8cX9Ze07Cg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DOo797J-RJ6r8cX9Ze07Cg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DOo797J-RJ6r8cX9Ze07Cg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RFHC7JQVHW84EFZZJ3NA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=DOo797J-RJ6r8cX9Ze07Cg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 5DE6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM9SYKHD-T-IVD0
0
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM9SYKHD-T-IVD0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F2DE716734A545EE94540EF19E209BF1 Ref B: FRAEDGE1408 Ref C: 2023-09-07T23:31:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-source-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEzULX7+c+ntr1FZnUdA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM9SYKHD-T-IVD0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 5DE6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qUIB9QEYTraTt1F3G9U_TA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qUIB9QEYTraTt1F3G9U_TA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qUIB9QEYTraTt1F3G9U_TA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MH05D7DW2NRSZ6E72KSS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qUIB9QEYTraTt1F3G9U_TA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ Frame 6776 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6776 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:316a:16ef:4691:e00e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 6776 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
L2EvemFpLWppYS15b25nLWJhby1tby1zaGVuZy1yZW4tbmlhbi16aHVhbi0xNzBtby1qaW4tZmEtbWVpLXphbi13YW4tbWVpLWdvbmctenVvLWNodWFuLWRpLWR1LXRlLW5lbmctbGlhbmcuaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvemFpLWppYS15b25nLWJhby1tby1zaGVuZy1yZW4tbmlhbi16aHVhbi0xNzBtby1qaW4tZmEtbWVpLXphbi13YW4tbWVpLWdvbmctenVvLWNodWFuLWRpLWR1LXRlLW5lbmctbGlhbmcuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:179c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-akamai-country
DE
date
Thu, 07 Sep 2023 23:31:36 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=4, origin; dur=371, ak_p; desc="1694129495964_389027484_12633231_37589_1156_5_0_219";dur=1
content-length
555
expires
Fri, 08 Sep 2023 00:31:36 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame 9F94 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Sep 2023 08:56:04 GMT
age
52531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Sep 2024 08:56:04 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 9F94 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Sep 2023 08:56:04 GMT
age
52531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Sep 2024 08:56:04 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 9F94 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Sep 2023 08:56:04 GMT
age
52531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Sep 2024 08:56:04 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 9F94 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Sep 2023 08:56:04 GMT
age
52531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Sep 2024 08:56:04 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 9F94 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Sep 2023 08:56:04 GMT
age
52531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Sep 2024 08:56:04 GMT
css
fonts.googleapis.com/ Frame 9F94 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 22:12:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 23:31:35 GMT
css
fonts.googleapis.com/ Frame 9F94 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 23:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 22:17:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 23:31:35 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9F94 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 07:34:29 GMT
x-content-type-options
nosniff
server
cafe
age
57426
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Fri, 08 Sep 2023 07:34:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9F94 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 13:47:11 GMT
x-content-type-options
nosniff
server
cafe
age
35064
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 08 Sep 2023 13:47:11 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/62658820520767384/ Frame 9F94 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/62658820520767384/14763004658117789537?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIpgEQVxgBIAEtAAAAPzCoAThXRQAAgD8&rs=AOga4qn79Dpi93NDEGkHB8dxNj0CoCBQCQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
662386ae332c263dc00580ac485b0fcd4f7cd139534efa33cea2efc07b0e3046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:01:13 GMT
x-content-type-options
nosniff
age
556222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8659
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 10:24:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 31 Aug 2024 13:01:13 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/257798146721312591/ Frame 9F94 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/257798146721312591/14763004658117789537?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qmCJp4NCUWdfSZqc7zxhkwTkfbmdw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
562237d231790f4eab1ddfb16605e6f1e7b13766636c6dd7644b9428b8f5db4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 10:36:54 GMT
x-content-type-options
nosniff
age
478481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14204
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 03:00:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Sep 2024 10:36:54 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 07CF 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
Origin
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 16:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25904
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 08 Sep 2023 16:19:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 07CF 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0-4iiwWi-K515yLrtm66CLQunYFLZ4cPxkq-fjX_mtcetQOVLCCdw9rWISCryUbtZW1y9471Z_Rh6jH5rUWHkWwoBHQ&cry=1&dbm_d=AKAmf-D7dOVkb1WlLW0KPmj6ZKFRJcINCNrakZ4G5PRGmc8TR7sn6uxmmPSsJ1mmh7oQdibnD-_p80L1Yg3j8H1HnNUIF46RTrxc7saSWfBlwuShoSP73AunvMFDSOZXG_92zWbQ4j0adZM4yqvAYxg1T6mhsLOykdXs6cnhgdeKBdSyb3fqULqM3NEPEIeMzipFX99k9JrKLyt2LgK6Ky1iDA7tdpTIt0eQ8sjZwbvf-JtFX9NsQS7Q-kW_HpikqJSPOfB0sFH-q3RYjwlhRuccZJ8ZNbY-PnPuEf4DtpOM9WbCpkxMgYhhWmubdLsRTHyk0OFwKSw1Jwha63MbwH9u_aZJRzXsrV76WIPC-hDt3AbrY1O6AjHijMAMiu6nFb76XeGuyHu1Ooyz023KviE1_PCtpPOqK_52setiOEZy8TyCK5fxLUXG9iMjt36IhMfQrdaKrpW2nWPvExRxmB8R7Z3MnVrQaiQ2dxgZfwg3rwm78-r2IdsTURYbNpYYwtZIHN_3B5nKVs3XlcMZ9mtfWpT9-0RDKcalH7KznYDQT9oeuJ_9mAATN0acvvtu0SlMB3CT4APyB9_q6_D3WIdqSD1mJJqINzhTX8rzRzQjN6UW1u8m6QIJOzRSQQlJDmNjkUAJUkVT1hRNEpy4QM0GX7Pqo5dlr8Y_9HOT_sgYWVjZmICkTUsKL6qY_0CM7jCXO-oFMTk7AS9Lbcc7lyQditaNeFPykUKyzFHxT28LA0n9vxcqpOIHsHT1D-CM6VraEmW-ygqBvird0LfpxKHEImLxFIGcHRYN6eoMv325KKTgW0DnWd__zzRdXdDce84VLxhB2fYWeBdtSuyrVM3upqb3oebnWkMOGXgzLIXXQ5cQldtXxQpMCz-dVtMEJejSEnr3ekja-cd8R8VT_K_ZBZeHj_zSwTQJMP3HoFvKCvhvx9LvR90nDSsQ_LvOHPfd1CzxKdVUdfZ6I2cKlcRb-EYXfKoYsuBU19Lmi72-DDdFnF5kSwia4klkG2aXIu9Ew8ldu_zezKH9dPvwG119PVA9BiJ_XA0SGf3VO--iQo_bCHKjpl0fo9xggku1n6Nwj9y0njMe3Izru7BK6TCEvhm7WQTfwlK6k6ZjiQWeZDJ_Y-KVcD3nLWgQxmk-PVMZmE6nZtoh5Vb-VQJxZVXGu3O2RRuvYVt7b2GKzWsUMSEnpcOeISa43HonpQaClwnoSH7bjnMPhI8bmxM76RdWbOnA1nXpgd6slvUDIXpDaVXpugb4LuI2nFWXo7r82wQYth1AruvRsyMaUJdA25gEBtmKMspq9y4kVwbqDb_gk7drUtGnsdrQBCWZHeg_gxQReFH7KsLSpCM13pqf0xN7KMEoEjevjoY9ztGfrpONnQD2OtXXSJ6ZDDnY2X9s_bij4VqBf_ftyhQft-oB7I9BkSR7tzBp0VZaBmF-hoWNuR0dktmkz3SPCL_umv7LWvuJG_lnMYIv1IO7rwc5jNTlGqADkKagiPtBneFqAp0xCuERgKINsi3aDrxv-CPfSKtJa_R0aKolHjTmRlZ87EM-SlVeO3lGokCTYMu7W-WICv1yd4WPXGj0cDsJmZyzeufnPqWbpkOLYUljtAQQoXvzENXfFUEpYMRl19kvsF4AxX2z1JeTZAQd6NIM_C7h35-qUiFa3f6RVcLKs6TZnu1vmS9uXWbMvw90Z0OYPuZ7ZhYr065sc5DhXqhLnIg4b6XwTKZiYfZiP0qzQPRYjrrBGuHSAQFo-fAxI18l3ZfLqBv_T9c7Z9vqw_ZkLS-zrK6vtp7F5Xvi6Gr45usiiu226duP265rvaLGx-fMeNnRsJj39uoqgbgt9tfA-iDBApAeHxhzqfLid7tp9dns-oYHdLvgbmj81frEmpLgCvWJy7xaBwKLXX7tPi2xBpfVMutlfgQXRwLJLcJVbHutBDNFzzImscerXxsmMTFUj4NisIWftKNzrxMwQL_WFE6enCutKSfOTKNy0hOyqkg_9v-5jKE7qFp_CBU7u5yGD0TI5S-2eWPamlSf82jDbisA6vLN-BjBVh30fZI0bdI7S2sAwOUanZgRfqedp6NtyFw20nOuyx0oQxHaK0U3dbZtj2GD3L4YTKVQjM1wXKy8x3V_3sKwj9RT5ehFT9e3LBH1Cc-OydeggcCW0xQyMlLkNa0wIW_7qJoop1Yk8kvDPLvXagVEpKjnlvjGrX6HzOBG9UJBIMDJVSnu_oPnfdSsHmm0hNWMGi5odhH4eFWP9wWIs4iL_ZrEORtWpCSHt_5Xoix6wtg2XLsAgFJKB_hRm1ai6SY7dtXYrmDjq8esFy52IjrpXovtashok1fD9wSDmOVTRpf1_55PFaZeG225yvsRhj86I_dHw0RNcL29Dm_8rJzWc_QLMDUURohzwFNmNJRF1CE2l9eBgtskNIMMJiCd4vrSq2ENcBal9MWdkYlD2OP6gqC8lzTEDHIxNpkVzkEg_zraZWuz6msqeT6-uxeTrvYZn87EFBkL9sXWchgOMf2i2uybhYLur1PeocjZP3izecbnrB0RVhoZR_vNoxxX2RTPpMG_6if71_jM94f2Lz7Ca2rpHhIOF_zmAlbzTGhWRAkwH0i8ZF5uLvO0bB9zZsziP7_hOgIOx8bLn4F7WtWgep46GmQV5eueUEd1L-srhKwpaTd48rSHspB9vogdor3MU5jLVPEXxAiFjP51Tq2aV_UyZ5PtoXHjn4Xkn5Jy10616c-gEEBbC1AZdp-7czoismp06W_LxMmJqd3Nn7B0MdJ8KqdZhY3mUeY5ZUjXgaAb3jVUZNy1cTOI5PrBGTF5mK2KxZdFK3vIxf5iGD_gVZPNZvkLXhDwbIoNmJbuRvKsbAJJyok2rTdW-AIVY-4mtpDTjVdD6VG7PUr1EagOye3RsMBtmk-HS-gt06LM0HQdg7XaRnERJcsw4kWIo7njlsyduVNuxwjfUPBPK68C1ji6UZ6e4UivVOJjvv7tGW6MRa-tfj55vpq9Oy95ZXK9QEkYqRgdU6pOM5wtKFIQs9KCeqOl0kxeEWSAU80nok7Yxfat_k8o66FlNJEENa4W0k1WR4Y0D3dCrfrU-chSOKhOPdtSq38HWTyzsmYY1EX_e1Jhajqb_ba9T8WXOEBZsCW8aEIXfJrt_RPTeVBPe3BbH5SwHdqowyrGDB7TSnSq0MK9R0bP3ajGN4HBh9_kkW0iISfspsRfXSn-CMS1yHfm5jB4Q1B11o7ebzKv4iW6r5iM1LaVwieLRoBvTYUSzWGt2uThnNA7sUPlNR2FVyhBMyeXqyVMMNuGjPqW3JmmWNklTH_y6gEn113J0Mmg5JlsH-xNMf6b0qWpNqArsEcwS4nzyDQ_CaZEYe6ZSzoY5iUqjoCmcABnC1_lJGdwHhkuCI0hkjkhNoVyQ4mXFRbQJ_g2RivcyHSAb7AkkYYuvlR5KM-nNG9p2Z6UHmKGhl19VkERtjM_Kgayl37AL-KmW66Zg8AsFmVAZXLFP6yHJQP1Eo-WryE29KAGmGtEQ5AS8BnSQ9OQVhcGMX3nAdjpOWqBhiAmW7qd3-MEFtlRIngXCmUFqnuPoPIJnqo4RHx1U8PUE0x5t801UmoIUIrmD3Y44p_ElhDqzJlPefrQx6NSlGVx1Dd3GG802yyCws_5ZCfgucGbx3a5K66LbU_YmjQAYntWTho1CGvgtiRr-ak9RJmZ6satso4HSx2_sPdh8dRwItlmka-nOp35J9HvbJp2U_oQurCRrc7EdJxm8u8B5bD3EhzLG9foc5Zftue86yY88VeGpGwXL5UN8t6aLIUQcWuvqwjKHPWJVLxZMbFRO0umIfjPFnxbcaG0OLXKwrZ1fYUeKfNkmEO9N4RVZnVeI3--5Ooi2P0DTXGfdq0oeY1b5XsO3TogjZz4aGtJq_uVJtJLTVycZOU3DSuQJH2cI7meG2iTWhnO21a388A&cid=CAQSSwBpAlJWr9UW0V5bNKXgx0zMDWQCIg1g1yzk-qzupp8p6y1rmLZUKSA8p0OSao7SBWtcKFmk3uYP8qt-WFKrnRmymbLdrjy5B6v7IBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=11128412956603080000&adk=1877897943&idt=117&cac=0&dtd=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:13:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
33505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:13:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 07CF 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D0-4iiwWi-K515yLrtm66CLQunYFLZ4cPxkq-fjX_mtcetQOVLCCdw9rWISCryUbtZW1y9471Z_Rh6jH5rUWHkWwoBHQ&cry=1&dbm_d=AKAmf-D7dOVkb1WlLW0KPmj6ZKFRJcINCNrakZ4G5PRGmc8TR7sn6uxmmPSsJ1mmh7oQdibnD-_p80L1Yg3j8H1HnNUIF46RTrxc7saSWfBlwuShoSP73AunvMFDSOZXG_92zWbQ4j0adZM4yqvAYxg1T6mhsLOykdXs6cnhgdeKBdSyb3fqULqM3NEPEIeMzipFX99k9JrKLyt2LgK6Ky1iDA7tdpTIt0eQ8sjZwbvf-JtFX9NsQS7Q-kW_HpikqJSPOfB0sFH-q3RYjwlhRuccZJ8ZNbY-PnPuEf4DtpOM9WbCpkxMgYhhWmubdLsRTHyk0OFwKSw1Jwha63MbwH9u_aZJRzXsrV76WIPC-hDt3AbrY1O6AjHijMAMiu6nFb76XeGuyHu1Ooyz023KviE1_PCtpPOqK_52setiOEZy8TyCK5fxLUXG9iMjt36IhMfQrdaKrpW2nWPvExRxmB8R7Z3MnVrQaiQ2dxgZfwg3rwm78-r2IdsTURYbNpYYwtZIHN_3B5nKVs3XlcMZ9mtfWpT9-0RDKcalH7KznYDQT9oeuJ_9mAATN0acvvtu0SlMB3CT4APyB9_q6_D3WIdqSD1mJJqINzhTX8rzRzQjN6UW1u8m6QIJOzRSQQlJDmNjkUAJUkVT1hRNEpy4QM0GX7Pqo5dlr8Y_9HOT_sgYWVjZmICkTUsKL6qY_0CM7jCXO-oFMTk7AS9Lbcc7lyQditaNeFPykUKyzFHxT28LA0n9vxcqpOIHsHT1D-CM6VraEmW-ygqBvird0LfpxKHEImLxFIGcHRYN6eoMv325KKTgW0DnWd__zzRdXdDce84VLxhB2fYWeBdtSuyrVM3upqb3oebnWkMOGXgzLIXXQ5cQldtXxQpMCz-dVtMEJejSEnr3ekja-cd8R8VT_K_ZBZeHj_zSwTQJMP3HoFvKCvhvx9LvR90nDSsQ_LvOHPfd1CzxKdVUdfZ6I2cKlcRb-EYXfKoYsuBU19Lmi72-DDdFnF5kSwia4klkG2aXIu9Ew8ldu_zezKH9dPvwG119PVA9BiJ_XA0SGf3VO--iQo_bCHKjpl0fo9xggku1n6Nwj9y0njMe3Izru7BK6TCEvhm7WQTfwlK6k6ZjiQWeZDJ_Y-KVcD3nLWgQxmk-PVMZmE6nZtoh5Vb-VQJxZVXGu3O2RRuvYVt7b2GKzWsUMSEnpcOeISa43HonpQaClwnoSH7bjnMPhI8bmxM76RdWbOnA1nXpgd6slvUDIXpDaVXpugb4LuI2nFWXo7r82wQYth1AruvRsyMaUJdA25gEBtmKMspq9y4kVwbqDb_gk7drUtGnsdrQBCWZHeg_gxQReFH7KsLSpCM13pqf0xN7KMEoEjevjoY9ztGfrpONnQD2OtXXSJ6ZDDnY2X9s_bij4VqBf_ftyhQft-oB7I9BkSR7tzBp0VZaBmF-hoWNuR0dktmkz3SPCL_umv7LWvuJG_lnMYIv1IO7rwc5jNTlGqADkKagiPtBneFqAp0xCuERgKINsi3aDrxv-CPfSKtJa_R0aKolHjTmRlZ87EM-SlVeO3lGokCTYMu7W-WICv1yd4WPXGj0cDsJmZyzeufnPqWbpkOLYUljtAQQoXvzENXfFUEpYMRl19kvsF4AxX2z1JeTZAQd6NIM_C7h35-qUiFa3f6RVcLKs6TZnu1vmS9uXWbMvw90Z0OYPuZ7ZhYr065sc5DhXqhLnIg4b6XwTKZiYfZiP0qzQPRYjrrBGuHSAQFo-fAxI18l3ZfLqBv_T9c7Z9vqw_ZkLS-zrK6vtp7F5Xvi6Gr45usiiu226duP265rvaLGx-fMeNnRsJj39uoqgbgt9tfA-iDBApAeHxhzqfLid7tp9dns-oYHdLvgbmj81frEmpLgCvWJy7xaBwKLXX7tPi2xBpfVMutlfgQXRwLJLcJVbHutBDNFzzImscerXxsmMTFUj4NisIWftKNzrxMwQL_WFE6enCutKSfOTKNy0hOyqkg_9v-5jKE7qFp_CBU7u5yGD0TI5S-2eWPamlSf82jDbisA6vLN-BjBVh30fZI0bdI7S2sAwOUanZgRfqedp6NtyFw20nOuyx0oQxHaK0U3dbZtj2GD3L4YTKVQjM1wXKy8x3V_3sKwj9RT5ehFT9e3LBH1Cc-OydeggcCW0xQyMlLkNa0wIW_7qJoop1Yk8kvDPLvXagVEpKjnlvjGrX6HzOBG9UJBIMDJVSnu_oPnfdSsHmm0hNWMGi5odhH4eFWP9wWIs4iL_ZrEORtWpCSHt_5Xoix6wtg2XLsAgFJKB_hRm1ai6SY7dtXYrmDjq8esFy52IjrpXovtashok1fD9wSDmOVTRpf1_55PFaZeG225yvsRhj86I_dHw0RNcL29Dm_8rJzWc_QLMDUURohzwFNmNJRF1CE2l9eBgtskNIMMJiCd4vrSq2ENcBal9MWdkYlD2OP6gqC8lzTEDHIxNpkVzkEg_zraZWuz6msqeT6-uxeTrvYZn87EFBkL9sXWchgOMf2i2uybhYLur1PeocjZP3izecbnrB0RVhoZR_vNoxxX2RTPpMG_6if71_jM94f2Lz7Ca2rpHhIOF_zmAlbzTGhWRAkwH0i8ZF5uLvO0bB9zZsziP7_hOgIOx8bLn4F7WtWgep46GmQV5eueUEd1L-srhKwpaTd48rSHspB9vogdor3MU5jLVPEXxAiFjP51Tq2aV_UyZ5PtoXHjn4Xkn5Jy10616c-gEEBbC1AZdp-7czoismp06W_LxMmJqd3Nn7B0MdJ8KqdZhY3mUeY5ZUjXgaAb3jVUZNy1cTOI5PrBGTF5mK2KxZdFK3vIxf5iGD_gVZPNZvkLXhDwbIoNmJbuRvKsbAJJyok2rTdW-AIVY-4mtpDTjVdD6VG7PUr1EagOye3RsMBtmk-HS-gt06LM0HQdg7XaRnERJcsw4kWIo7njlsyduVNuxwjfUPBPK68C1ji6UZ6e4UivVOJjvv7tGW6MRa-tfj55vpq9Oy95ZXK9QEkYqRgdU6pOM5wtKFIQs9KCeqOl0kxeEWSAU80nok7Yxfat_k8o66FlNJEENa4W0k1WR4Y0D3dCrfrU-chSOKhOPdtSq38HWTyzsmYY1EX_e1Jhajqb_ba9T8WXOEBZsCW8aEIXfJrt_RPTeVBPe3BbH5SwHdqowyrGDB7TSnSq0MK9R0bP3ajGN4HBh9_kkW0iISfspsRfXSn-CMS1yHfm5jB4Q1B11o7ebzKv4iW6r5iM1LaVwieLRoBvTYUSzWGt2uThnNA7sUPlNR2FVyhBMyeXqyVMMNuGjPqW3JmmWNklTH_y6gEn113J0Mmg5JlsH-xNMf6b0qWpNqArsEcwS4nzyDQ_CaZEYe6ZSzoY5iUqjoCmcABnC1_lJGdwHhkuCI0hkjkhNoVyQ4mXFRbQJ_g2RivcyHSAb7AkkYYuvlR5KM-nNG9p2Z6UHmKGhl19VkERtjM_Kgayl37AL-KmW66Zg8AsFmVAZXLFP6yHJQP1Eo-WryE29KAGmGtEQ5AS8BnSQ9OQVhcGMX3nAdjpOWqBhiAmW7qd3-MEFtlRIngXCmUFqnuPoPIJnqo4RHx1U8PUE0x5t801UmoIUIrmD3Y44p_ElhDqzJlPefrQx6NSlGVx1Dd3GG802yyCws_5ZCfgucGbx3a5K66LbU_YmjQAYntWTho1CGvgtiRr-ak9RJmZ6satso4HSx2_sPdh8dRwItlmka-nOp35J9HvbJp2U_oQurCRrc7EdJxm8u8B5bD3EhzLG9foc5Zftue86yY88VeGpGwXL5UN8t6aLIUQcWuvqwjKHPWJVLxZMbFRO0umIfjPFnxbcaG0OLXKwrZ1fYUeKfNkmEO9N4RVZnVeI3--5Ooi2P0DTXGfdq0oeY1b5XsO3TogjZz4aGtJq_uVJtJLTVycZOU3DSuQJH2cI7meG2iTWhnO21a388A&cid=CAQSSwBpAlJWr9UW0V5bNKXgx0zMDWQCIg1g1yzk-qzupp8p6y1rmLZUKSA8p0OSao7SBWtcKFmk3uYP8qt-WFKrnRmymbLdrjy5B6v7IBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.bg3.co%2F&ds=l&xdt=1&iif=1&cor=11128412956603080000&adk=1877897943&idt=117&cac=0&dtd=33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:11:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
33595
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:11:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 07CF 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
503420
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 03:41:15 GMT
truncated
/ Frame 9F94 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27b573dbfea6334a0044c549212a037b6e54491aac4b145f0da2643508e85b55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/ Frame 24C8 		60 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/index.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5007811785868b961ce455789e0231b9c66e0c6fb94d13ecbe05af13bbead0d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
16771
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 22:01:30 GMT
expires
Fri, 06 Sep 2024 22:01:30 GMT
last-modified
Thu, 24 Aug 2023 14:18:13 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgSg-V136ZPm6FYPB9u8P2uK-8AK1ssrtcrOIvrv4EfG4tLOUHRABILqEwDNgldqIgpgHoAHjn-XNA8gBCakCRwA480jysT7gAgCoAwHIA0iqBPsCT9Bfn1yXs4SlzqcTXm0EwKRnp0G2p9XroggVXepUkIPdAJ90iHaWVq5HUQFrC3CbcgY7TziZuBd5MsS1IZN1x8U4blS3m267q8kGiv5ThMmOQrWOVlgxRqy_X9VDWNMwoXI451LqG87uQ296HqDXoCdz046PRvh6xHXADpHGK-M8RGkYLaqBOafNf5Q5rCi6rsRATWSNkyHlSvXUsKAIm1Nw0KqI27m-ulD3aO0m6BzwHY8oUQ6OpRU9HziGG7RT2g94Jr0NmNIG-Gh6YB8pByIG2UGMlbqr-hUlh2I_E688F7hqpj4qTlXQ2rfJMFED2KEWpldL40FkoaQlZIwuQCw_7yMJgk9rU7uH1pBHvjERh6wHEOvw2MioDDiVtqe_inn8FA-G87AvW9oc-cN_aDabQLzH93V2Dhi3WA6yhLgBjnTBWOiPS34FwL9A35_TTtfFJkBf9Y9K8tEaIiL6Tn8PdBtdc5KSr1Iz9B0C4Ow5BiXypmbhAPCT1MAE0K_GgNAE4AQBiAWdgZm9TKAGLoAH7LbxAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELrTC9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTryCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCaCUFodHRwczovL3d3dy5ib3R0LmRlL3VudGVybmVobWVuL3ZlcmFuc3RhbHR1bmdlbi9kZXV0c2NobGFuZC9tb3Rla4AKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi0xMzI1MzQwNDI5ODIzNTAyGMqrHg&sigh=24kEavy2tsY&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWb_sVIcyiFBUqZfUsLvSXSJNhABAh6uBx2L7JiyPfyJA7Vx-fHEraDZH5o3rlbFbFsGrulp89GAE&template_id=419&nis=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame F87C
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CgSg-V136ZPm6FYPB9u8P2uK-8AK1ssrtcrOIvrv4EfG4tLOUHRABILqEwDNgldqIgpgHoAHjn-XNA8gBCakCRwA480jysT7gAgCoAwHIA0iqBPsCT9Bfn1yXs4SlzqcTXm0EwKRnp0G2...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228275433126865997800%22,%22debug_reporting%22:true,%22destination%22:%22https://bott.de%22,%22event_report_window%22:%22259...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228275433126865997800%22,%22debug_reporting%22:true,%22destination%22:%22https://bott.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968445923%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217489153077985603921%22}&andc=true
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8275433126865997800","debug_reporting":true,"destination":"https://bott.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["968445923"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"17489153077985603921"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 07 Sep 2023 23:31:36 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 07 Sep 2023 23:31:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8275433126865997800","debug_reporting":true,"destination":"https://bott.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["968445923"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"17489153077985603921"}&andc=true
access-control-allow-origin
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame F87C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:08:21 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame DF03 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:08:14 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F87C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33976
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame F87C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33976
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ Frame CB6F 		377 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bca0bc1800b46a9fcb03c5949f5e4cef09fe3b7db5bfb3f5f8440f1d41caac1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131269
x-xss-protection
0
server
cafe
etag
11343594640769071454
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame 7B74 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82352
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 00:39:04 GMT
etag
8554266389219770021
expires
Thu, 21 Sep 2023 00:39:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB6F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB6F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=predictive_abg&a_c=ca-pub-4485239425924787&p_c=ca-pub-1325340429823502%2Cca-pub-5896340931738974%2Cca-pub-1203149545224208%2Cca-pub-9208708170783140%2Cca-pub-5761017298734489%2Cca-pub-5961800537962381%2Cca-pub-3216231935713038%2Cca-pub-4126554779393986%2Cca-pub-8610050614645263%2Cca-pub-5855149998903976%2Cca-pub-6764341647679797&b_v=r20230906&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 07 Sep 2023 23:31:36 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
3852
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1694129496.176369,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
61
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
416
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ Frame AF02 		377 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d77229f869546d4dc712c44c3d9853c514266ed85d023de0e24b5c0eecffcb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131262
x-xss-protection
0
server
cafe
etag
7976894967885208013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:36 GMT
css
fonts.googleapis.com/ Frame 24C8 		1013 B
423 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Hind:regular
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d18f46dd86d96774452a5226cb7cd290eb7a134c5ea386e71dfd2d39005d9619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 22:02:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 23:31:36 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 24C8 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 19:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13531
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 08 Sep 2023 19:46:05 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 24C8 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 02:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
76440
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 08 Sep 2023 02:17:36 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9F94 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
588284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 04:06:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9F94 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 02:35:09 GMT
x-content-type-options
nosniff
age
507387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 02:35:09 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228275433126865997800%22,%22debug_reporting%22:true,%22destination%22:%22https://bott.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22968445923%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217489153077985603921%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=1622&cid=amp-udQFIlQG5LuznbBIizYJ5g&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&dr=&dt=%E5%9C%A8%E5%AE%B6%E6%93%81%E6%8A%B1%E9%99%8C%E7%94%9F%E4%BA%BA%E5%B9%B4%E8%B3%BA170%E8%90%AC%E3%80%80%E9%87%91%E9%AB%AE%E5%A6%B9%E8%B4%8A%E3%80%8C%E5%AE%8C%E7%BE%8E%E5%B7%A5%E4%BD%9C%E3%80%8D%E5%82%B3%E9%81%9E%E7%8D%A8%E7%89%B9%E8%83%BD%E9%87%8F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1694129496&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-udQFIlQG5LuznbBIizYJ5g&aip=1&sid=1694129496&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2CAB 		492 B
265 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4411346609652208&correlator=2417098616222958&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694129496349&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=tt8sp13elkqt&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qNq9UxXujjWN0_lyxY_cmgatTRyJOWq0K47Ga7_hU1ryF-tZl6RLuNnY7lGsIXpnXOiSVyRT49RoXlnkR5OTqFrZWlCYsok43dv4znXTfuQZmzLEaK3gWy1WWLPypQzYG7Chqbx6DG3L4qGo4ML9dWXTiMakc4Lri2ILlh7aZtUnzGb_JroZ9U_Sx1AxYHXFybJtCWqzoiH_Wfd8FRR4_8YeWo&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1622783341.1694129496&ga_sid=1694129496&ga_hid=1294890166&ga_fc=false&dlt=1694129495428&idt=693&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce6f06015168e31dd14b37289cbf8dd97b8dba45f083b0c9a7bf9ae365d97090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2CAB 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d28bda55c40c5770fc9daddaf9b0a1ac52882cf738395dfdbe5bf97f5f7a22a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
container.html
b1ab235c9506ba93b6c71fb19f8a7172.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E86F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b1ab235c9506ba93b6c71fb19f8a7172.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:36 GMT
expires
Fri, 06 Sep 2024 23:31:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%9C%A8%E5%AE%B6%E6%93%81%E6%8A%B1%E9%99%8C%E7%94%9F%E4%BA%BA%E5%B9%B4%E8%B3%BA170%E8%90%AC%E3%80%80%E9%87%91%E9%AB%AE%E5%A6%B9%E8%B4%8A%E3%80%8C%E5%AE%8C%E7%BE%8E%E5%B7%A5%E4%BD%9C%E3%80%8D%E5%82%B3%E9%81%9E%E7%8D%A8%E7%89%B9%E8%83%BD%E9%87%8F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-udQFIlQG5LuznbBIizYJ5g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.06799001680583672&gjid=0.9479740051413625&_r=1&a=1622&z=0.9539982191944061&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial.html
s0.2mdn.net/sadbundle/13439742976063138220/interstitial/ Frame B8A8 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47f58a924e2dea4166088dcbe825c4e68f56d5182f8d40079e603f26008b7dc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
219213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2426
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 10:38:03 GMT
expires
Wed, 04 Sep 2024 10:38:03 GMT
last-modified
Tue, 29 Aug 2023 16:09:03 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f6d6277ab06b5e13778a38618449775d36fcc5ca8962b4085459451f773e992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90911
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Sep 2023 23:31:36 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9F94
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Redirect headers

date
Thu, 07 Sep 2023 23:31:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB6F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame CB6F 		210 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e872af508f6b0e229926d4369e6a2b84a10ff5342894601aad7d554c816d632e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1758 		87 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8443e5d0db8e740895d4feefd5cef826c0375ca49c710bbe9c6b0aec499515ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
32944
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame DF03
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:36 GMT
expires
Thu, 07 Sep 2023 23:31:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:36 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0664 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
406791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 06:31:45 GMT
expires
Mon, 02 Sep 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame AF02 		210 B
263 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dc8149f3046ad263214f23ecd2305253c6836e3f14277a5b1f90daa35d25e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BF8F 		88 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1511f10d2b457048f36c9ee9f39c5f211c0ab19e5018724488e35ced93d4d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
33465
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B8A8 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Sep 2023 23:31:36 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame B8A8 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:f::213:7ed6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Thu, 07 Sep 2023 23:46:36 GMT
interstitial.js
s0.2mdn.net/sadbundle/13439742976063138220/interstitial/ Frame B8A8 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b5a009cb966477a65fc95561fbd24f5e27be6cd4ebf966ab8b4a259e7575791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 10:38:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219213
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2752
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 16:09:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Sep 2024 10:38:03 GMT
l
www.google.com/ads/measurement/ Frame F87C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRds-2CPH83cvlUmbwmf0jQzHDsC-x5xkdeNuRpa6d3m-oHFiNaWUugSY4MJiZn9CjORZ2VN-nOqXgHzyXY8kAxXz7zWA
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F87C 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:36 GMT
truncated
/ Frame F87C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71736625c897f816fc0e333aa593e0ccb7f51bfeb2e7ec76906faa4948bb72aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v16/ Frame 24C8 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:44:11 GMT
x-content-type-options
nosniff
age
215245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16216
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Sep 2024 11:44:11 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Sep 2023 23:31:36 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
2705
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230073-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1694129497.608211,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
19
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2757
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2CAB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 23:31:36 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=686803797&cid=2097357468.1694129495&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694129496&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&dt=%E5%9C%A8%E5%AE%B6%E6%93%81%E6%8A%B1%E9%99%8C%E7%94%9F%E4%BA%BA%E5%B9%B4%E8%B3%BA170%E8%90%AC%E3%80%80%E9%87%91%E9%AB%AE%E5%A6%B9%E8%B4%8A%E3%80%8C%E5%AE%8C%E7%BE%8E%E5%B7%A5%E4%BD%9C%E3%80%8D%E5%82%B3%E9%81%9E%E7%8D%A8%E7%89%B9%E8%83%BD%E9%87%8F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230026-FRA
date
Thu, 07 Sep 2023 23:31:36 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 0664 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
161956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9F94 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-J-EV136ZIDIH4uA7_UPpeqHuA7-u7SLcteQ2tnXEfLs0uCyARABILqEwDNgldqIgpgHoAGcibPcA8gBBqkC61PXn0TzsT7gAgCoAwHIAwqqBPkCT9CJn5nbs0xn6Gs6MoAqQhpppwuZ5HWyE2S-MuK5hP_7zldYHH1dq55-CYNbqA2FR2Osc6lzGEhek4HfqnY0px44rkHoye4cjyfiLu0Fhdet4sSzLDSBZb3xUoXHFr_FO8eJka2V9Z6gI9DMELJYEzkaSgssB7PK_19j-ZnmWMNN46NtvyEsaf5TbY2x44uULa9_lAxkx3XLCL3muWEj-iyMWNvF9rb7PlcOzS7APgIKFGk-EcqJ0hDcSvcDZ8Vv5bcT91ZfZUxvSCGKkHcm4kcj7YulDupnWw4LV9JL_XwawMQRPDrVK3Jla_G1ILp8lsmIX5uOSJVgohpRbcQKl0CVQm9tDPUDEyzdt1p5c2c9lp4V0UWhTyUjhkGe9AYZhhZmoKn6bVBVapYuTuXgEQS5SyUY9NYrDW3n9CRE9pomV6aKDHhIhKPOa-2XWZwjlF3IZ_H9tsARuTsL3cbazy7dYFpVI2Pp071xaC4QlwIMxx5vfU7S6PnABJ_818u_BOAEAYgFjaOv_UugBjeAB8z2zCOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC8kQrSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwmgmJAWh0dHBzOi8vaW5mby50b3lvdGEtZm9ya2xpZnRzLmRlL3R5cm8vaG90LWRlYWw_dXRtX2NhbXBhaWduPUZZMjQlMjAlN0MlMjBUeXJvJTIwQWt0aW9uJTIwSG90JTIwRGVhbHMmdXRtX3NvdXJjZT1wcGMmdXRtX21lZGl1bT1nb29nbGUtYWRzgAoDyAsB2BMDiBQC0BUBmBYBgBcBshceChwIABIUcHViLTEzMjUzNDA0Mjk4MjM1MDIYyqse&sigh=3uHY-rxrep8&uach_m=[]&ase=2&cid=CAQSOwBpAlJWkBaMLI9ejEPh4nLmC2iRiO8yk3GA7-6ulpUwUG7oUZp4C_GWqAyHCGK4smepiVOKXh0Ufga3GAE&template_id=492&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
bg.jpg
s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/ Frame B8A8 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/bg.jpg
Requested by
Host: 9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
599645e72040955c480e59dcf08c70f42da9034396003590b62bf0c7bc9aefa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 05:39:49 GMT
x-content-type-options
nosniff
age
150707
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102858
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 16:09:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Sep 2024 05:39:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3967 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40642
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:14:14 GMT
expires
Fri, 06 Sep 2024 12:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EB70 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
074704404de81b65e6b36ef8376a485e0a896466aabad00e335afd147e6e264d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p93WBZ3ZSfrnwRanATDBlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-p93WBZ3ZSfrnwRanATDBlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:36 GMT
expires
Thu, 07 Sep 2023 23:31:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=dc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
no-store
server
nginx
css
fonts.googleapis.com/ Frame 1758 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 22:11:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 23:31:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1758 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:08:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 1758 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:08:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1758 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33976
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 1758 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33976
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
l
www.google.com/ads/measurement/ Frame 1758 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM2m58OvPOOmXLIqAfA44PFe0V8TfB5b7NKFQ79YDtnldTwWWyeBkuKN_qEte70n5qXI03Tl17MKgfaXPiK1WOEe92pQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1758 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:36 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 1758 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
595347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 21:27:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 02:09:09 GMT
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 24C8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
161956
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
perfo-muster.-gruenpng.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/ Frame 24C8 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/perfo-muster.-gruenpng.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
946f1da9df8e22db61c01040f23bc327195e43772dfdd05502e8cc9930199905
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 07 Sep 2023 22:01:30 GMT
x-content-type-options
nosniff
age
5406
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1162
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 14:18:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Sep 2024 22:01:30 GMT
bottLogo.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/ Frame 24C8 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/bottLogo.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7473ff09b8a826454a8134b4bf6480eebddf2472895fdebb7beb890370041610
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 07 Sep 2023 22:01:30 GMT
x-content-type-options
nosniff
age
5406
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8414
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 14:18:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Sep 2024 22:01:30 GMT
arrow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/ Frame 24C8 		1019 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15131076705394902309/arrow.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da4d15a075083deab119ac64cc68d7a0996206e311178cb2cc7a327b9ee274f1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 07 Sep 2023 22:01:30 GMT
x-content-type-options
nosniff
age
5406
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1019
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 14:18:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Sep 2024 22:01:30 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2B68 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Fri, 08 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
condi.png
s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/ Frame B8A8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/condi.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b02a3ddd8fd97c57e698963bcb82f8d98ded2109db4db4d126e560c71f9c04c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 10:38:04 GMT
x-content-type-options
nosniff
age
219212
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2258
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 16:09:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Sep 2024 10:38:04 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/15906186015437893607/ Frame 1758 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15906186015437893607/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52221357abe53db1d45fde755989c33ac434a551b8c84288c18a486d6ddd9135
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 04:38:17 GMT
x-content-type-options
nosniff
age
327199
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59279
x-xss-protection
0
last-modified
Sun, 27 Aug 2023 16:17:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 03 Sep 2024 04:38:17 GMT
truncated
/ Frame 1758 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4a5d78fcc94b997024e3c1fb9205df512836b208e877b08eaf6e4cecb6b7566

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame BF8F 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Sep 2023 23:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 22:16:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Sep 2023 23:31:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame BF8F 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:08:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame BF8F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
33795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:08:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame BF8F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33976
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame BF8F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33976
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
l
www.google.com/ads/measurement/ Frame BF8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTti3srPN9x-y--HyVX4TIXf6lwzyBMLKXgD3cni2vX0agJF5yOrQwq8GYAEVlSONftRWif3bz7KmB3rk7JacNEGwQ56A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF8F 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:37 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame BF8F 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
595347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 21:27:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 02:09:09 GMT
cta.png
s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/ Frame B8A8 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/cta.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55cb2ae51a6191c5c7e6926d031ac9c1782416b1e31fa5ccd8fcbcc2cddfdb7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 10:38:04 GMT
x-content-type-options
nosniff
age
219213
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4039
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 16:09:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Sep 2024 10:38:04 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5F1F 		58 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b2f2bcd94a85b8cde84c5d20eba9baf56334b1315ef35370c577bff28b9853e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
20411
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
2076313506083323656
tpc.googlesyndication.com/simgad/15906186015437893607/ Frame BF8F 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15906186015437893607/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52221357abe53db1d45fde755989c33ac434a551b8c84288c18a486d6ddd9135
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 04:38:17 GMT
x-content-type-options
nosniff
age
327200
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59279
x-xss-protection
0
last-modified
Sun, 27 Aug 2023 16:17:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 03 Sep 2024 04:38:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A150 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52490
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Fri, 08 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1758 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4d19bb4691e512d5d012ed02270e094b6ebbae4aa998ed6611456b068eb3471

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 2B68 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOjp1kCHYWYE52kQHFsvYHo&google_cver=1&google_push=AXcoOmQWLM_Mx1XrVO9-5WctTjVynTKQeIjg-KxqNwMgteYftmeL8P2xz8VxE2lWtLzLapughko09vT0H2-8rYm_Dyi3Cysmdx8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B68
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECuc7BRG9KWVz-TheJs1Fbs&google_cver=1&google_push=AXcoOmQyP0QqeY34cLrW7gVNsdB_WBsvqy4pIL4SUsRA8sob14sr59QxZR0CajOoaUdl30ZENYnKDi3t5P1IVp...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjIzMDc4NDgwNTYzMjE0Ng%3D%3D&google_push=AXcoOmQyP0QqeY34cLrW7gVNsdB_WBsvqy4pIL4SUsRA8sob14sr59QxZR0CajOoaUdl30ZENYnKDi3t5P1IVpvm_e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjIzMDc4NDgwNTYzMjE0Ng%3D%3D&google_push=AXcoOmQyP0QqeY34cLrW7gVNsdB_WBsvqy4pIL4SUsRA8sob14sr59QxZR0CajOoaUdl30ZENYnKDi3t5P1IVpvm_ehisHlZe1sR
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjIzMDc4NDgwNTYzMjE0Ng%3D%3D&google_push=AXcoOmQyP0QqeY34cLrW7gVNsdB_WBsvqy4pIL4SUsRA8sob14sr59QxZR0CajOoaUdl30ZENYnKDi3t5P1IVpvm_ehisHlZe1sR
Date
Thu, 07 Sep 2023 23:31:37 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 2B68 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN3bCqb8XxucyS0DAqKPwWI&google_cver=1&google_push=AXcoOmSg5vL9OQqOv2jr-RODhu3YnGUQn2WipCatLTri1z7CRHBtDWBWE-93QgqXltXqFZYlQaP_wWyzJsdzCQHqUhHCaqCgSDs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2B68
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP531E_LKdG_6sdt-noYk6w&google_cver=1&google_push=AXcoOmRjfYEKpG8Lm7nw-jsMLJYt0SlUmLZJ7_n6yGvHdFjKRdxkzbj8yp3PgXQI1zrqPBfdAt0XN4S-OAw3DnDgC-DWN35...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRjfYEKpG8Lm7nw-jsMLJYt0SlUmLZJ7_n6yGvHdFjKRdxkzbj8yp3PgXQI1zrqPBfdAt0XN4S-OAw3DnDgC-DWN35kBlSM&google_hm=eS1kdGJFQzB0RTJwRVMuSl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRjfYEKpG8Lm7nw-jsMLJYt0SlUmLZJ7_n6yGvHdFjKRdxkzbj8yp3PgXQI1zrqPBfdAt0XN4S-OAw3DnDgC-DWN35kBlSM&google_hm=eS1kdGJFQzB0RTJwRVMuSlJKLmpsVDNvakE1YnRwWEM3V35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 07 Sep 2023 23:31:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRjfYEKpG8Lm7nw-jsMLJYt0SlUmLZJ7_n6yGvHdFjKRdxkzbj8yp3PgXQI1zrqPBfdAt0XN4S-OAw3DnDgC-DWN35kBlSM&google_hm=eS1kdGJFQzB0RTJwRVMuSlJKLmpsVDNvakE1YnRwWEM3V35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2B68
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQTok...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmQTok7yw2vQMaGJPFzEYTm-uA8l4C1ZC_PXkuUzURWdRpJC6EhXjoxLjmu5cse8SSvYYhed478RYEqo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmQTok7yw2vQMaGJPFzEYTm-uA8l4C1ZC_PXkuUzURWdRpJC6EhXjoxLjmu5cse8SSvYYhed478RYEqoNPmvurJVGQZZp4U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmQTok7yw2vQMaGJPFzEYTm-uA8l4C1ZC_PXkuUzURWdRpJC6EhXjoxLjmu5cse8SSvYYhed478RYEqoNPmvurJVGQZZp4U
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
808044
content-length
0
expires
Thu, 07 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B68
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB1Fycn2necso65Nna0hVds&google_cver=1&google_push=AXcoOmR4Q8Hhem5Bk7m0ytfieLJ0be1eDZapEVlHeN4Cyce40_7kTvTh1LuMy4aHH0WB_138LZHJSCJdd3Gbng_ppShQVmly4GXd
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmR4Q8Hhem5Bk7m0ytfieLJ0be1eDZapEVlHeN4Cyce40_7kTvTh1LuMy4aHH0WB_138LZHJSCJdd3Gbng_ppShQVmly4GX...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc4MDQ3ODUzNjI3MDI4MDY0Mjcy&google_push=AXcoOmR4Q8Hhem5Bk7m0ytfieLJ0be1eDZapEVlHeN4Cyce40_7kTvTh1LuMy4aH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc4MDQ3ODUzNjI3MDI4MDY0Mjcy&google_push=AXcoOmR4Q8Hhem5Bk7m0ytfieLJ0be1eDZapEVlHeN4Cyce40_7kTvTh1LuMy4aHH0WB_138LZHJSCJdd3Gbng_ppShQVmly4GXd
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjc4MDQ3ODUzNjI3MDI4MDY0Mjcy&google_push=AXcoOmR4Q8Hhem5Bk7m0ytfieLJ0be1eDZapEVlHeN4Cyce40_7kTvTh1LuMy4aHH0WB_138LZHJSCJdd3Gbng_ppShQVmly4GXd
date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 2B68
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEANIc7c8MaDKEaAObEZjz3g&google_cver=1&google_push=AXcoOmTcAfHueuui4bF__Qu-lz19eKhEP-FoPVbyT4Y6cG8f4nnR2HaDhqklcn_s2LPp66RXKcOgMVQfp6T...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTcAfHueuui4bF__Qu-lz19eKhEP-FoPVbyT4Y6cG8f4nnR2HaDhqklcn_s2LPp66RXKcOgMVQfp6Tc594LL6eX5JV4h8KbQg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2B68 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZRbD2y5urkgXWNp8zy8vOU2nBjDJRScS21xhul7j_ObdzJhXUMMAAg-fmIdCiCBvEULPGMQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame BF8F 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4a5d78fcc94b997024e3c1fb9205df512836b208e877b08eaf6e4cecb6b7566

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar
pagead2.googlesyndication.com/pagead/ Frame EB70 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=4411346609652208&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 3967 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
161957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
fixed.png
s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/ Frame B8A8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/fixed.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
828ee434cf8789978395f738b0bf4702de182cda07727e654d8bffa83750c875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 10:38:04 GMT
x-content-type-options
nosniff
age
219213
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5043
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 16:09:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Sep 2024 10:38:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1758 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
588285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 04:06:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1758 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 13:37:19 GMT
x-content-type-options
nosniff
age
467658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1758 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 15:22:55 GMT
x-content-type-options
nosniff
age
547722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 15:22:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CB6F 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8517713001e5083fb8174129e1528acf517537757c5752fda8a6c03af12aafd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11738
x-xss-protection
0
truncated
/ Frame BF8F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4ddee8fa570c3e4ffdcc04363807d0455d1004833bc3b2c7e91cdc7994af687

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame A150
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOjp1kCHYWYE52kQHFsvYHo&google_cver=1&google_push=AXcoOmS_Mqda3y34z80-wvd6f6gD3NaHF1uUfbTOwRvlbalQmQlIv09xNg...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmS_Mqda3y34z80-wvd6f6gD3NaHF1uUfbTOwRvlbalQmQlIv09xNg89sS5o48LYXVKDcaXGK4ANRHA-UPgVGaHZ_e3B3-TH&google_hm=MStVEQDVmaBI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmS_Mqda3y34z80-wvd6f6gD3NaHF1uUfbTOwRvlbalQmQlIv09xNg89sS5o48LYXVKDcaXGK4ANRHA-UPgVGaHZ_e3B3-TH&google_hm=MStVEQDVmaBIgEtacg6byA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmS_Mqda3y34z80-wvd6f6gD3NaHF1uUfbTOwRvlbalQmQlIv09xNg89sS5o48LYXVKDcaXGK4ANRHA-UPgVGaHZ_e3B3-TH&google_hm=MStVEQDVmaBIgEtacg6byA
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A150
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGiw1GXB23LQ8x8IujyaCiI&google_cver=1&google_push=AXcoOmRoS1kVFJOPuaAqm7r_eMtOWzuOoHg3m4E7rcHRoA-29h4Pyb07-83v3H007DPssUrPtNq7MfTnPHkz7EQNGDE6PRDfpjSi
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1A3B2A862ED443DC9C59B85BA9D3FFE3&google_push=AXcoOmRoS1kVFJOPuaAqm7r_eMtOWzuOoHg3m4E7rcHRoA-29h4Pyb07-83v3H007DPssUrPtNq7MfTnPHkz7EQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1A3B2A862ED443DC9C59B85BA9D3FFE3&google_push=AXcoOmRoS1kVFJOPuaAqm7r_eMtOWzuOoHg3m4E7rcHRoA-29h4Pyb07-83v3H007DPssUrPtNq7MfTnPHkz7EQNGDE6PRDfpjSi
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 07 Sep 2023 23:31:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1A3B2A862ED443DC9C59B85BA9D3FFE3&google_push=AXcoOmRoS1kVFJOPuaAqm7r_eMtOWzuOoHg3m4E7rcHRoA-29h4Pyb07-83v3H007DPssUrPtNq7MfTnPHkz7EQNGDE6PRDfpjSi
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 06 Sep 2023 23:31:37 GMT
sync
x.bidswitch.net/ Frame A150 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN3bCqb8XxucyS0DAqKPwWI&google_cver=1&google_push=AXcoOmRH_fwDAvgFrrWrWCmTEqcliACH8U_BqzMH107TmmSr-WBj7s3CV7n4OEWiCvxrDPM1Wv_QTvbFeKyW47DyKIsAeG4od8IR
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame A150
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRDW3...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmRDW3HQa7C-sXd6SOt8465gPu_FLD8IAFbyMau_WJcl0GOLObYn60RsIshIgzub86wKpZ4llL6e1l5A...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmRDW3HQa7C-sXd6SOt8465gPu_FLD8IAFbyMau_WJcl0GOLObYn60RsIshIgzub86wKpZ4llL6e1l5AOH9p9DIYGBB-JKhO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:36 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmRDW3HQa7C-sXd6SOt8465gPu_FLD8IAFbyMau_WJcl0GOLObYn60RsIshIgzub86wKpZ4llL6e1l5AOH9p9DIYGBB-JKhO
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
609542
content-length
0
expires
Thu, 07 Sep 2023 00:00:00 GMT
ebda
match.360yield.com/match/ Frame A150 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESENvGiV3e9Wo4QGXTJLEiuwY&google_cver=1&google_push=AXcoOmRY-tnsfgLsUdrFAi1GyyW42K6nPyAU-LPusShE5Tkjt1vw9I1u1pE0Ch9hQKDazNctEXLmkXlOwoytYwia9ls0UP37G7f8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.247.148.218 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-148-218.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Sep 2023 23:31:37 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame A150 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMsgNSDC9oiQwkxHzw4-4e8&google_cver=1&google_push=AXcoOmRIBtO3vTNR5bx918LOkDCHzT21Sd9OI2Mr6WroUusZ0PlpTz89WHBerF_Njqib18D8F1-DZJtS9mb0O3DuhK_VBjQtZhU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
content-length
0
/
onetag-sys.com/match/ Frame A150
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEANIc7c8MaDKEaAObEZjz3g&google_cver=1&google_push=AXcoOmRl7Df3s4Lp4glu_43g8Cn8RriAK5scwoCWP0WyQ3ssMxyK0nneuEejyFrkiTLMfrAZE8ZJj-UCM1f...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRl7Df3s4Lp4glu_43g8Cn8RriAK5scwoCWP0WyQ3ssMxyK0nneuEejyFrkiTLMfrAZE8ZJj-UCM1f7XxLDVADYA5NsD-9ggA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A150 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K35P6ELIHHcx5qo2BJu3VVRqTk88mQkm0SKR9SdB0KOWAd6lZOqkWJZ09uxZBjnFi0Fbq1hQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
hd.png
s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/ Frame B8A8 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/hd.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
507659079246386a573bc25ae2c24090adabe089f65f34e98f31233e6c27e650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 10:38:04 GMT
x-content-type-options
nosniff
age
219213
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13873
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 16:09:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Sep 2024 10:38:04 GMT
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame F4CC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495575&bpp=505&bdt=696&idt=893&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=2&ga_vid=1321204084.1694129496&ga_sid=1694129496&ga_hid=727055521&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2088&biw=1600&bih=1200&isw=336&ish=280&ifk=1973785132&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798878%2C31077330%2C31077701%2C44795922%2C44800659%2C31077641&oid=2&pvsid=2931742858660810&tmod=753754727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2jhpc2jv7kf3&btvi=1&fsb=1&dtd=912
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
161957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CB6F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 23:31:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BF8F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
588285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 04:06:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BF8F 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 13:37:19 GMT
x-content-type-options
nosniff
age
467658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BF8F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 15:22:55 GMT
x-content-type-options
nosniff
age
547722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 15:22:55 GMT
preco.png
s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/ Frame B8A8 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/preco.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbe272c4f96cd19153b4326300be698d9e711932c2ad5ca41f2e44baed48a26b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 10:38:04 GMT
x-content-type-options
nosniff
age
219213
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12583
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 16:09:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Sep 2024 10:38:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AF02 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5511ee4877839cc14442cd4c83ab66c8e8bf88e6346a512b7dec5993af276d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11678
x-xss-protection
0
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame E82C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301110&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694122296&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694129495701&bpp=500&bdt=838&idt=840&shv=r20230906&mjsv=m202308310101&ptt=5&saldr=sd&cookie=ID%3D62854bcfacf7a2f7%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MaUb04JDvM8dwNWVcnvRBw17MPX_g&gpic=UID%3D00000c7026a54111%3AT%3D1694129494%3ART%3D1694129494%3AS%3DALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A&correlator=5380837975153&frm=23&ife=1&pv=1&ga_vid=895966112.1694129497&ga_sid=1694129497&ga_hid=914837306&ga_fc=0&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=2853738389&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C44796700&oid=2&pvsid=3207185805670866&tmod=1234215020&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.e219i5feo7rl&fsb=1&dtd=856
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
161957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
sh.png
s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/ Frame B8A8 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/images/sh.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
753fb7920f24cc72426ef9369c1d7e599f0266c6e25630703d9bbeaba470c963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13439742976063138220/interstitial/interstitial.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 10:38:04 GMT
x-content-type-options
nosniff
age
219213
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13607
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 16:09:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Sep 2024 10:38:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AF02 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 23:31:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 83CD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40643
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:14:14 GMT
expires
Fri, 06 Sep 2024 12:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 57E9 		829 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1ec86c153f1c6b1aecdad927bfded4a00d69c82401e27dfb334e3a1071e4425c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rigaZooo5xiv52ji2SyXXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
535
content-security-policy
script-src 'report-sample' 'nonce-rigaZooo5xiv52ji2SyXXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:37 GMT
expires
Thu, 07 Sep 2023 23:31:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 52E3 		83 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::65 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
26f53181978b273915caf52ede12168abd6685f9e56acbc985ed2415cfd779d6

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 07 Sep 2023 23:31:37 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 19:13:46 GMT
vary
Accept-Encoding
x-azure-ref
20230907T233137Z-16s0h575kp1hm9n98x2bakgeyg00000000hg00000000vmp0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
73d67335-c01e-00d3-431a-e123de000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/239/ Frame 52E3 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Expires
Wed, 10 Jul 2024 11:56:20 GMT
Date
Thu, 07 Sep 2023 23:31:37 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
5052919
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21944-LGA, cache-fra-eddf8230089-FRA
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
X-Timer
S1694129498.529619,VS0,VE0
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
5, 207293
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 52E3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33977
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 52E3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 14:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33977
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 14:05:20 GMT
l
www.google.com/ads/measurement/ Frame 52E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdqcbTTRYB5Nrt6h9rdlGcloGcg9pz1Eq7Ryzn8ueFZO_AAU-iD7ea6xqXeeu3sq-QWNkADNntAUTzOIN0NpyRGtMJ1g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 52E3 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57841
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694001950986259"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:37 GMT
c.gif
www.bing.com/aes/ Frame 52E3
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=137cef91-0fa3-4833-9d3d-533b2b998e86&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=3852cb4d-0b4d-47d5-907...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=92493dbf34a747a396b55d691e520865&SNR=1&GV=2&med=10
0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=92493dbf34a747a396b55d691e520865&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Server
2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D5B59B6E0F9B4570AC6237B4EBB92065 Ref B: FRA31EDGE0520 Ref C: 2023-09-07T23:31:37Z
x-cdn-traceid
0.13d53e17.1694129497.3d1bb52d
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Thu, 07 Sep 2023 23:31:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F4F9152E8718437382AD45F4EE580A38 Ref B: MIL30EDGE1509 Ref C: 2023-09-07T23:31:37Z
x-cdn-traceid
0.13d53e17.1694129497.3d1bb4ec
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=92493dbf34a747a396b55d691e520865&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
150
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0664 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BD9RkV136ZKruLe2RjuwPsoymiAYAAAAAOAHgBAI&bg=!goGlgc7NAAa6D61Rmg87ADQBe5WfOPOYXa6BYmQpzxwslGqwhUfdU3F6oy2k29AtpQP9aaYOVHcN9_M19E5_e_N-wSxBAgAAAhJSAAAACmgBB5kDSXtzo892Y4oxYD7Sy0QfHu9ITtxULzsaCztnhJH4P7e4UCtlHRVbSc1G-z-DTX-wRhJsQQZAYs2wumuR1MGv8XoRZIiiTATqD4xvNf5yPei2AizAu9VZkAKjy5zOuYGSq2zzxcCo06rHIQN1XAFhPMxBhiXMVsO0jru113AXljLZDNTsto7srgIYGgX2L1b9RNBO-HfpVpqpSCua5xLAU_MjCbGQ4iOUXkbwKp44av28PJQEGCeDVCMzXpeQYM2htJ9UsEpO6C998_ff8t0ITR_qgSD6xhejD4Q-JOPjNjJlAoc17tnSyZPQzZrz38-GemwgRhdH5mvNKG3QYsbPcFEAxKfKobrpOvV_jMslf8VZrazg2Q_4flSbgQd8LjiDCYYe34LacrC8eGEjYd8lf8ANVw2RP4IITWbNspdOgb2juXNTbeMUDtJEr6VgDpBsHGT3K65uGF7hThihRGxPDsq2bFFow3xa8F_mUWumUiCEfoqVqWCwpDyZOt3khjIQFxo9Rmqi-5hv1OYTb0-PHxSSK6k6aRYlfS8SZ8oAt8PjSaNfViQiYJEj4QTG-Ikhjm-hyPcrltjCm-2JbQYvy4ICOfm8hkZoV2mfNKdKl7iti3KGhTGrlK6m_T6mjVAoQ7Pplb0xb9bc35-spUBosD9E_fT9IdWGDZv6jWTvYXZazTPh93xt_YXDqd_YGpcXfgBL5mM6CJ-Fy8Lkq-5-SNx87WXxL5eBUspM-kgGiVwD3SGMu0hC3mCE7DQDOs0qxSrQgsB22W7v3ItRmUkwO2y1rIJThq0fMbzwYGjqRiN4uxJETYAIcAdF_53RGhIULNkD87BrXQULbLKZtHvgmxBynDXBmlUJU-tAzeNuzwogiDLhcNbvDEfYd5zzHyAahJzKhLvccaqDrF7qiJXwNtIb0DIfd2EA3J25cAqTq425tKbQ_rwzp18rSFYcbW5JRj3p-jkKAHshMNGEhSpYrtJZAiwzbbMP4eMgyhjU_5FevYwzPZq36UWS4OHGYwJ5Nk23FonLQ50RpCCbKOd-2JHPSmm3LtAJtNbaGdaSdTYh5lWWMeok04ypg23TaUoxw3rzrV63-7h68zsnfg3wwtA0ObdMxS7H6Io
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D5E9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40643
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:14:14 GMT
expires
Fri, 06 Sep 2024 12:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FD09 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8da16786a2dbff71148a948ff73a6e703df5c1d5dc6b4b0792c4f49a2eb17c1a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kqpXNiWbz58yCbcW84aPHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-kqpXNiWbz58yCbcW84aPHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:37 GMT
expires
Thu, 07 Sep 2023 23:31:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 3967 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?u8r-eA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 57E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=2931742858660810&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame 52E3 		42 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=msan_3p_mv_xandr_3p_pd&uid=0&anx_uid=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EF00185DB0A54202BE97F5DBF7BE8D7E Ref B: FRA31EDGE0510 Ref C: 2023-09-07T23:31:37Z
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
th
www.bing.com/ Frame 52E3 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OAIP.79dc0e7a1ab5814a48f446b868b14978&pid=AdsNative&c=3&w=300&h=157&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62d3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a95e1c484ca423edc8c702ed9c3573db515a247f39450c3103bd1c94df043d83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.13d53e17.1694129497.3d1bb562
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
26113
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame 52E3 		0
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&e=wqT_3QLaBOhaAgAAAwDWAAUBCNm66acGEODEwdywvbeGRhgAKjYJiI3RzdtzqT8RciWGAmKwqD8ZAAAAIFyP8j8hcg0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHjn9QWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCggFodHRwczovL3d3dy5iZzMuY28vYS96YWktamlhLXlvbmctYmFvLW1vLXNoZW5nLXJlbi1uaWFuLXpodWFuLTE3MG1vLWppbi1mYS1tZWktemFuLXdhbi1tZWktZ29uZy16dW8tY2gBLPBxZGktZHUtdGUtbmVuZy1saWFuZy5odG1sgAMAiAMBkAMAmAMJoAMBqgMAwAPYBMgDANgD9MDEAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEJS5YiAUBmAUAoAWRu7uTmreQkEzABQDJBQAFARTwP9IFCQkFC0AAAADYBQHgBQHwBajAW_oFBAFcKJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH5_UF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8AeH4wKKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=ec9e6d1dd87c2294287ee1b15573d4598c546458&bdref=https%3A%2F%2Fwww.bg3.co%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.bg3.co%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3216231935713038%26format%3D400x250%26w%3D400%26h%3D250%26ptt%3D12%26adk%3D90073500%26output%3Dhtml%26bc%3D7%26to%3Dampa%26pv%3D1%26wgl%3D1%26asnt%3D0-4837580342204099978%26dff%3Dsans-serif%26prev_fmts%3D1600x96%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26ifi%3D2%26pfx%3D0%26pwprc%3D1037897477%26adf%3D16789255%26nhd%3D0%26adx%3D1000%26ady%3D2867%26oid%3D2%26is_amp%3D5%26amp_v%3D2308242321000%26d_imp%3D1%26c%3D55001622%26ga_cid%3Damp-udQFIlQG5LuznbBIizYJ5g%26ga_hid%3D686803797%26dt%3D1694129496679%26biw%3D1600%26bih%3D1200%26u_aw%3D1600%26u_ah%3D1200%26u_cd%3D24%26u_w%3D1600%26u_h%3D1200%26u_tz%3D120%26u_his%3D3%26vis%3D1%26scr_x%3D0%26scr_y%3D0%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%26bdt%3D2654%26dtd%3D100%26__amp_source_origin%3Dhttps%253A%252F%252Fwww.bg3.co,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3216231935713038%26format%3D400x250%26w%3D400%26h%3D250%26ptt%3D12%26adk%3D90073500%26output%3Dhtml%26bc%3D7%26to%3Dampa%26pv%3D1%26wgl%3D1%26asnt%3D0-4837580342204099978%26dff%3Dsans-serif%26prev_fmts%3D1600x96%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26ifi%3D2%26pfx%3D0%26pwprc%3D1037897477%26adf%3D16789255%26nhd%3D0%26adx%3D1000%26ady%3D2867%26oid%3D2%26is_amp%3D5%26amp_v%3D2308242321000%26d_imp%3D1%26c%3D55001622%26ga_cid%3Damp-udQFIlQG5LuznbBIizYJ5g%26ga_hid%3D686803797%26dt%3D1694129496679%26biw%3D1600%26bih%3D1200%26u_aw%3D1600%26u_ah%3D1200%26u_cd%3D24%26u_w%3D1600%26u_h%3D1200%26u_tz%3D120%26u_his%3D3%26vis%3D1%26scr_x%3D0%26scr_y%3D0%26url%3Dhttps%253A%252F%252Fwww.bg3.co%252Fa%252Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html%26bdt%3D2654%26dtd%3D100%26__amp_source_origin%3Dhttps%253A%252F%252Fwww.bg3.co&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
an-x-request-uuid
5de80718-00f6-4327-99f5-4ff150692a02
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 83CD 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
161957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CAE3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52490
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 08:56:47 GMT
etag
48472445140208031
expires
Fri, 08 Sep 2023 08:56:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 52E3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4706274d0de4c2a37ae6c65928650b9d797ec347a4c5dab6446912a28920a9e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 52E3 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmQiwWV36ZMKJA-6_iQbGv4aoC9Lg1-Buj6S2k5MKwI23ARABIABgldqIgpgHggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmoAwHIAwKqBMMCT9BsQNyp68LTAByPZHrfjQdMGVAaVl1uidqSwoxVdl1DexKtbKgZ0v_s5D7MYUYKe3J5ij9Wm24Me7UgofG3dArdpLScJpXHesLpGkuOLNPsaxfUfz7NUSx92OYgGtOOHjeMCBlrpEdH3-YU_Crc2qCt-ig5cDrUacJdS_3S-ncYI-t_Qkp7hsOeU8SfjSdyPSD5Yauh1H9PQDZSdP1RhEWZXSkowZrVjjzzcV3tuUavcRMHKqq27ExPnSCWifd4d99sNedV899o3448nYzJATZTne1tFNcgr5VnMgIE-NSDYssZJhLXSyH1iFf_ZkufhYS_4tP9pCxMVq6eX0iP73DqLEsDZkXgEx1MFOAJ2u45DjwLsvjreBhOyDB4xBvS2-_8UXyMp5ACYJROrqzAr9ozCwNkIzyTjDnVIKQogTlcas6ABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzIxNjIzMTkzNTcxMzAzOBgA&sigh=ulEfkU6DfCg&uach_m=[UACH]&cid=CAQSKQBpAlJWHZCPH5wHHBPStsMzJ-lEd4T7pOv-xyQM2fJrGncYD45zT7xBGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 07 Sep 2023 23:31:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame 52E3 		0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&e=wqT_3QLrB-jrAwAAAwDWAAUBCNm66acGEODEwdywvbeGRhgAKjYJiI3RzdtzqT8RciWGAmKwqD8ZAAAAIFyP8j8hcg0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHjn9QWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCggFodHRwczovL3d3dy5iZzMuY28vYS96YWktamlhLXlvbmctYmFvLW1vLXNoZW5nLXJlbi1uaWFuLXpodWFuLTE3MG1vLWppbi1mYS1tZWktemFuLXdhbi1tZWktZ29uZy16dW8tY2gBLLhkaS1kdS10ZS1uZW5nLWxpYW5nLmh0bWyAAwCIAwGQAwCYAwmgAwGqA5ADCqoCaC6YAPBpaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0zODUyY2I0ZC0wYjRkLTQ3ZDUtOTA3Yy03MGQzYzc5MmI4NDYmY21FeHBJZD1MVjImb0FkVR1FVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDpJaALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_BpX3ZxZmxhcGhleSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzUwNDc2NTMyODM5NTY1NDgxOTIiCTM4MTg0NjcxNCoEYmluZzo0VTJWaGNtTm9RV1FqT0RBME56QTJNalEwTmpJek9EZxEU8FUzTkRnNE5EUTFORGM9wAPYBMgDANgD9MDEAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukG_WIgFAZgFAKAFkbu7k5q3kJBMwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWowFv6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfn9QXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=9f3981777226d777230f3e31773d45e9a771fea4&pp=ZPpdWQAAxMIKwl_uAAGfxjGcXO6gkbyc8Ap_Gw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCu8A3WV36ZMKJA-6_iQbGv4aoC9Lg1-Buj6S2k5MKwI23ARABIABgldqIgpgHggEXY2EtcHViLTMyMTYyMzE5MzU3MTMwMzjIAQmoAwHIAwKqBMYCT9BsQNyp68LTAByPZHrfjQdMGVAaVl1uidqSwoxVdl1DexKtbKgZ0v_s5D7MYUYKe3J5ij9Wm24Me7UgofG3dArdpLScJpXHesLpGkuOLNPsaxfUfz7NUSx92OYgGtOOHjeMCBlrpEdH3-YU_Crc2qCt-ig5cDrUacJdS_3S-ncYI-t_Qkp7hsOeU8SfjSdyPSD5Yauh1H9PQDZSdP1RhEWZXSkowZrVjjzzcV3tuUavcRMHKqq27ExPnSCWifd4d99sNedV899o3448nYzJATZTne1tFNcgr5VnMgIE-NSDYssZJhLXSyH1iFf_ZkufhYS_4tP9pCxMVq6eX0iP73DqLEsDZkXgEx1MFOAJ2u45DjwLsvjreBhOyDB4hhnzSS1YqxEYXeS3_s3KGKjjpV46JRu9gbrKCIVVCogwQbi-B1pTsk2ABr-Q-8Cx4MqI4wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0kNvrSAm7qLTRRSL8JLzqHjOwsXg%26client%3Dca-pub-3216231935713038%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
an-x-request-uuid
ee9c9a9c-e983-4207-a1e8-c98cefce4f0a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 52E3 		0
672 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&e=wqT_3QLrB-jrAwAAAwDWAAUBCNm66acGEODEwdywvbeGRhgAKjYJiI3RzdtzqT8RciWGAmKwqD8ZAAAAIFyP8j8hcg0SACkRJAAxARvAheuxPzDb-KYDOLUBQLVeSOMDULqJirYBWL-xPWAAaJ-kVHjn9QWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCggFodHRwczovL3d3dy5iZzMuY28vYS96YWktamlhLXlvbmctYmFvLW1vLXNoZW5nLXJlbi1uaWFuLXpodWFuLTE3MG1vLWppbi1mYS1tZWktemFuLXdhbi1tZWktZ29uZy16dW8tY2gBLLhkaS1kdS10ZS1uZW5nLWxpYW5nLmh0bWyAAwCIAwGQAwCYAwmgAwGqA5ADCqoCaC6YAPBpaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0zODUyY2I0ZC0wYjRkLTQ3ZDUtOTA3Yy03MGQzYzc5MmI4NDYmY21FeHBJZD1MVjImb0FkVR1FVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDpJaALhydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJg0WCFN1YgkZGHp6ZiUzQWsNH_BpX3ZxZmxhcGhleSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzUwNDc2NTMyODM5NTY1NDgxOTIiCTM4MTg0NjcxNCoEYmluZzo0VTJWaGNtTm9RV1FqT0RBME56QTJNalEwTmpJek9EZxEU8FUzTkRnNE5EUTFORGM9wAPYBMgDANgD9MDEAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEukG_WIgFAZgFAKAFkbu7k5q3kJBMwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWowFv6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfn9QXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB4fjAooIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=9f3981777226d777230f3e31773d45e9a771fea4&type=nv&nvt=5&jm=1003&px=50&py=0&bw=300&bh=157&sid=6480718531133014903&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=400&ph=250&ww=400&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
an-x-request-uuid
0c654409-2eb3-4204-9bf1-48b733616bcd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FD09 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=3207185805670866&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame F87C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAsYsUBQvDDC7Sq2wo4sk5jajNP0_d2cHJCTmj8H1shVjYp8lLjeYMr7NUcIAzeG-pMAkGp4NPrfqnaP9g0ArAUZ5NZXEuooxkXB-xPEeMcLb9Nm_7pXTsg2DW0v90HU1__VNnleCK_Jr0T64CRkM4HFbIei6dsAGOK2Noh2s4lmN9-VQU2NwRrvzxF14aT_2iE-1ifusfR1wsNNQgedeB5-FRjwwSCbcfcvc0zk4bYtJ2ZWP8oRoYemu3Xf8U3w2IypJH3eC3Y_c6khyB-s9u2qHddZKN-V62ioyKCZPggQs2KZanb6qfsr2k-0x-ezmA3g3riyDg3RFPXnfU-WRm-EcKJGZQZGnNnfabyBTn5i59mwe5IvO8LlMCpZ-BulRoBNDej5nzvodUDV-TsRsjLqkK4_Z9Xz-zh0s2eaDn1OozgrrpUeHoK7S4YEpgjnShWpTCUj6UlV0LwQyGH2aMXt7H1P1FIKIC1kBZcNrDEI3g17CxJodNwuLOMLTZHe9Jq39v4jshlq8HjB8h553Y3PlO3U3rH6i_DPLfwmwngo8KAFSKs37TRb-OwO54G17SAvcd1dm1VnClJ4A4fwhA4BQ4gix_n-oE2CXEzLZQPMAgkGDj_LYOBHIGlOMnoDl-nbh8NlIEuK_UbcC6ujdObs8FhPpOf2-yTOdl2YYL66BvwLMKGexkVa110ongC_nljKSGv73QaEqAoXx1n4wS1Jdak7D0oYQTNGLakLZqwmV2MXP_cCml5wI81zN9d50yIXv4b7oK8y4RgVlUIokdyflEVir5MIreh31kavqhGQVYNIjepjvdADfYLlSspmIRVT0LHBIvjG7e2l7d91dSyuN_FJY3ftHB0tJ2bem8Pb-f7NHHgCqvnOvsEapUMIH7wpH_u8kPasrAxMGwEaoEZSu_MhIF-xNeQcRJTdPh8IW_Ku-x-iwVbvMRHHEUJQ70EhfaBoHOtarBM2h4UwegfCC83bokH1ApZPsWeWipMPrth4zNOeyMzENx7xu6wIRnO8qCGx1Jr0shX2BMM6MbQJqmWZ2oBTu_chNlT05NC6ZJ_PNyouURVNRCdYJHA0f-QdKsrPCVNhF1wzyxhclpSH304YfNo7jwWZNlFyAvCZKBoAWz9H_418CltnMnanzh3xOyf3MeN3OwjN7Gig8xnO3ctBvDdbPo4KN8jewm8nUy_g1rgfZVhRe40ZVICsPbixrWVucqwT08FwBnCaW8LAq2oboqvO2y59qnJ8fj9xGNycStvvzR8LVVAD5CrGsc8ePvt8axmm0LFxyCgn4ZPvSF6eHNhQ73Q99n1TpMq0rIE75U2tRRiYe6UN-DyPKd6vZhsFCvPTB5msVNcN_uuYXpd-uelqQQoRjI-zuqvj3b1pa149-4cOWXcIEsjHH1b7eNjXtZHmrW1SBylBpNX4k-lhnY9FLyayZsJpg5x4tU_uNza9kya-7iXXOBLO5snLFoWxcjo5JE1InCsrU&sai=AMfl-YQZQdOEYD7GDW4v6CNIUPzN1YTIHjgGQTfhb9C3qZKQPh02MbXl5vLSLwM4Nxfvp3gRHOEo-33s0K6QxN2NQzqm05qgOxphGnCg7oU49NWncDEw1GPFeKoei2k_xOHpKwldE4lPhmWu&sig=Cg0ArKJSzDPCqHHZAyT2EAE&cid=CAQSOwBpAlJWb_sVIcyiFBUqZfUsLvSXSJNhABAh6uBx2L7JiyPfyJA7Vx-fHEraDZH5o3rlbFbFsGrulp89GAE&id=lidar2&mcvt=1031&p=60,236,150,964&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3805778231&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694129495831&rpt=897&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame D5E9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
161957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
pixel
cm.g.doubleclick.net/ Frame CAE3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOvWXkfTvTyF5qCaGk_yhts&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOvWXkfTvTyF5qCaGk_yhts&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTgyWUdTWTMxUUVvdGo1&google_gid=CAESEOvWXkfTvTyF5qCaGk_yhts&google_cver=1&google_push=AXcoOmTjVgfJsX12UAWDPyCx2sL9KH1Bw0fyGOCNoOrAEoI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTgyWUdTWTMxUUVvdGo1&google_gid=CAESEOvWXkfTvTyF5qCaGk_yhts&google_cver=1&google_push=AXcoOmTjVgfJsX12UAWDPyCx2sL9KH1Bw0fyGOCNoOrAEoIIsujYNXNMyAZR2Rw1T6ljZ6YT3h1qWFYdB0pFZB5MUVWECsHmY6CpEEKl
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:37 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YTgyWUdTWTMxUUVvdGo1&google_gid=CAESEOvWXkfTvTyF5qCaGk_yhts&google_cver=1&google_push=AXcoOmTjVgfJsX12UAWDPyCx2sL9KH1Bw0fyGOCNoOrAEoIIsujYNXNMyAZR2Rw1T6ljZ6YT3h1qWFYdB0pFZB5MUVWECsHmY6CpEEKl
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CAE3
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGiw1GXB23LQ8x8IujyaCiI&google_cver=1&google_push=AXcoOmQcEQJYC_9KYHVqhHWvS4cRG9Ou_QJqDcSG_0f4NiJL3Vx76M47LjsuQeZrLIRJEPrGLIh71-UdMAcXzdbRAbn5gyXlc6057Bk
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1A3B2A862ED443DC9C59B85BA9D3FFE3&google_push=AXcoOmQcEQJYC_9KYHVqhHWvS4cRG9Ou_QJqDcSG_0f4NiJL3Vx76M47LjsuQeZrLIRJEPrGLIh71-UdMAcXzdb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1A3B2A862ED443DC9C59B85BA9D3FFE3&google_push=AXcoOmQcEQJYC_9KYHVqhHWvS4cRG9Ou_QJqDcSG_0f4NiJL3Vx76M47LjsuQeZrLIRJEPrGLIh71-UdMAcXzdbRAbn5gyXlc6057Bk
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 07 Sep 2023 23:31:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1A3B2A862ED443DC9C59B85BA9D3FFE3&google_push=AXcoOmQcEQJYC_9KYHVqhHWvS4cRG9Ou_QJqDcSG_0f4NiJL3Vx76M47LjsuQeZrLIRJEPrGLIh71-UdMAcXzdbRAbn5gyXlc6057Bk
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 06 Sep 2023 23:31:37 GMT
pixel
cm.g.doubleclick.net/ Frame CAE3
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECuc7BRG9KWVz-TheJs1Fbs&google_cver=1&google_push=AXcoOmTD7sa6gFYjjWQ1-zPBzRZ76SncdHKvItavwXOwe8kEuc4rUPdi-hq9evSCN3J5wm8l2hSkvx5cga6lm-...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjIzMDc4NDgwNTYzMjE0Ng%3D%3D&google_push=AXcoOmTD7sa6gFYjjWQ1-zPBzRZ76SncdHKvItavwXOwe8kEuc4rUPdi-hq9evSCN3J5wm8l2hSkvx5cga6lm-dknj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjIzMDc4NDgwNTYzMjE0Ng%3D%3D&google_push=AXcoOmTD7sa6gFYjjWQ1-zPBzRZ76SncdHKvItavwXOwe8kEuc4rUPdi-hq9evSCN3J5wm8l2hSkvx5cga6lm-dknjMRIqg1OoCZjDCd
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3NjIzMDc4NDgwNTYzMjE0Ng%3D%3D&google_push=AXcoOmTD7sa6gFYjjWQ1-zPBzRZ76SncdHKvItavwXOwe8kEuc4rUPdi-hq9evSCN3J5wm8l2hSkvx5cga6lm-dknjMRIqg1OoCZjDCd
Date
Thu, 07 Sep 2023 23:31:37 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame CAE3 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEN3bCqb8XxucyS0DAqKPwWI&google_cver=1&google_push=AXcoOmQjIWXv59LyjIucQZIMLa1WaMhsP-JuwoKiXIp5qWA_yBWbNxjiYVHqxDiRSHJyjyE6qtiAqeSNM0aqAcEzn5cwv8j6M-hGEwLp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame CAE3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEP531E_LKdG_6sdt-noYk6w&google_cver=1&google_push=AXcoOmTmTBIJFtnz4FRMRiQjQWp-pCdGvyWsEytwTgp8Dah_sugPiA6PKm5BIc5GKgltgitqbP4u-uth0G65s96LAm70I6M...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmTBIJFtnz4FRMRiQjQWp-pCdGvyWsEytwTgp8Dah_sugPiA6PKm5BIc5GKgltgitqbP4u-uth0G65s96LAm70I6MDS0FAozSN&google_hm=eS1kdGJFQzB0RTJwRV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmTBIJFtnz4FRMRiQjQWp-pCdGvyWsEytwTgp8Dah_sugPiA6PKm5BIc5GKgltgitqbP4u-uth0G65s96LAm70I6MDS0FAozSN&google_hm=eS1kdGJFQzB0RTJwRVMuSlJKLmpsVDNvakE1YnRwWEM3V35B
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 07 Sep 2023 23:31:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmTBIJFtnz4FRMRiQjQWp-pCdGvyWsEytwTgp8Dah_sugPiA6PKm5BIc5GKgltgitqbP4u-uth0G65s96LAm70I6MDS0FAozSN&google_hm=eS1kdGJFQzB0RTJwRVMuSlJKLmpsVDNvakE1YnRwWEM3V35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame CAE3
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmToCg...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmToCgKZLBbSczbGfQ_9HkolMXhmPTLMySJd6BdxO8oLeTCnYSbVAjeZjPUJDO-922LR6R1DP2pQuAHL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmToCgKZLBbSczbGfQ_9HkolMXhmPTLMySJd6BdxO8oLeTCnYSbVAjeZjPUJDO-922LR6R1DP2pQuAHLnhpWV4OB4lHb243QLkNT
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-xabP1NRA-ypKkn1vYg-NdkNVoZiHSG1HuB1qVw&google_push=AXcoOmToCgKZLBbSczbGfQ_9HkolMXhmPTLMySJd6BdxO8oLeTCnYSbVAjeZjPUJDO-922LR6R1DP2pQuAHLnhpWV4OB4lHb243QLkNT
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
578406
content-length
0
expires
Thu, 07 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CAE3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECeW7CJQ1XaX0npVAwMZ6LI&google_cver=1&google_push=AXcoOmS5aNo-Eyx-Fe7MPFXjUj6Xy-Wu8dKso6GwLn3qdVcEZgQ2Ve2amVUnQS8VUSQ_QLuSatJFtv0n...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECeW7CJQ1XaX0npVAwMZ6LI&google_cver=1&google_push=AXcoOmS5aNo-Eyx-Fe7MPFXjUj6Xy-Wu8dKso6GwLn3qdVcEZgQ2Ve2amVUnQS8VUSQ_QLuSatJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTczMzczOTA5MDEyODE2NzgwMA&google_push=AXcoOmS5aNo-Eyx-Fe7MPFXjUj6Xy-Wu8dKso6GwLn3qdVcEZgQ2Ve2amVUnQS8VUSQ_QLuSatJFtv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTczMzczOTA5MDEyODE2NzgwMA&google_push=AXcoOmS5aNo-Eyx-Fe7MPFXjUj6Xy-Wu8dKso6GwLn3qdVcEZgQ2Ve2amVUnQS8VUSQ_QLuSatJFtv0nFUcPllm0hOAMmNP3FGNC4zM
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTczMzczOTA5MDEyODE2NzgwMA&google_push=AXcoOmS5aNo-Eyx-Fe7MPFXjUj6Xy-Wu8dKso6GwLn3qdVcEZgQ2Ve2amVUnQS8VUSQ_QLuSatJFtv0nFUcPllm0hOAMmNP3FGNC4zM
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame CAE3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3ZKqKHKT_SE5em4VQXuLZM8WBjw-dQg-IOVk4RLSvns7D7lIdKPm6asq_fwufe-eZiCTZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4837580342204099978&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2867&oid=2&is_amp=5&amp_v=2308242321000&d_imp=1&c=55001622&ga_cid=amp-udQFIlQG5LuznbBIizYJ5g&ga_hid=686803797&dt=1694129496679&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&bdt=2654&dtd=100&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 9F94 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGqTmxhKVtQ1U9XqHRkRxdbmiqMhUG8s5nJLK6jBvJfCFXhJ1eCPtan_jv4PiWJOqfRDJbkYwMCmaj9sQZHt26wngKNZCe2OBfEec1ZLqJtGPcyE_bTJy58PnIinvQfQvkNJdJvMAZvTqE1eovWDMA9l-9DF0YWdE95-K-IivdJzcXZx_AD75aVmcfEqonS5jyAfSlLj-WO5ZjQ7MJh7V021gVrjxRQZXp2bgdunkV4LfOhjtKx0IojikEIgdTTZQJP4FA-aT6xQfBcbh4c9OIMGW6iU3JHQzoXiW3JvWGbfDQO-eRa_HMFAJeyFgn2sIZ_6tTgU529RnyJv6Sce__YWqIWV4U19E3AngUPXCrHzXJBDSxlIViRYHebVTLHhEY-ESBMpl2ASNH5jHnpzyDgnIXjzAJkXZT39d5P79Tt_4dZoMh3gLcwEM8O6kLyGh2QUhgbhw1UEa1-sjhdr8cDWd30vM5ES-WYTiluJ4oSkvI_LE0bVw3LDv48mH9-uDbGxRTLQJ8_O5jCAVyPbTDtIzRm-42wcCJwWuy-WbtQlHTetOZlPd62oLYIvLjbDs4AmyMfhbaYEB-JJm4K7wvx28oSP0ANUrnJX11Jfge5s2bLeJp92J7NR1lrc6c9j0RI8Fmq81momPgy3wAyQK4lsscjiiUXTUzgFhoBSvrlmv2TReA6-TP0LrUnvVQNMoGoTckhhI1bFRYMfw7pEhKWsFuesJNvuaUbo8XlJbINk5zXZJIx5Srm1cEWrLne0KK22LiGVVey9uEzzlzVafLR0p_oHpzYtE-5xDtA73BIWV9SkaOEps_TW_HaKvYufcZpy8Xy30Q6nU1g9l_VQW1ngG8AI4VXH0rMR9jHV7I-8bL22QzzC22tpy2eACUfE2VV6lz2GKNavbkxIzeryJ43oSQsTsYp9PdcJPR3vTmReQvf2TynhVhLv_FcVw_5JzfzzJAbOnIVThvdZaH3czItmfpYyWN4MlnAN5nsPL3gDK2oaCCzcVWt1BZvPUlH-FXXOrd8V10MDd05IbURlWyobA_wtVwLQPPkyUlMGSt1iqK--35f0M-A2sa9Oe38iM8T5qRIIKngcXmzQl3gkKuoh8cyeAikAHSNHvqUDd7VpMoXjCa1dgTNDmRHhY1B_P4TrgRsYTuxSWyL18IqM5MorDMUJmUgzQCvJtXWMdnmGbFnC5A7PqwlMVDJ8FfnNIo9l0U-Hoc2lGwMWMT6faY9c_1bcDl1NZhqWMwuTLy8gMsqPoSjhiZCm6JgojbXNiA32kHFeMRFI8SVlIhHr-t__YWgbRCbK3Tfz-yQ-_IyPKQ7EzAsRn_82LJ-63aTEy40dIRWpUWxcYMo2q-xfcHT3BWbniAK9zACVb9I6JWKe9ia93HdCFNxFmWKCwWFsIE11twxTuw1SDkdk5_yJvcgBuhHTS8Shz1RGXnQ3e6ADefVCsigIqcf1qaUIr1OdtNmdC3rW-AiQ_GVBx0ly4tOspZtR6Yf4pKmE8Ed1s0SQWf9KlyG7AfpQC23c5GQ21jPFEwyJgvH4j7k04F1pkOsvB1rCSq9c9FNToOk0W4N22xMhbbLITJfqJbvPkmD_pTQqsHC9gN-pGBUf-Ut79zbNBrmybOnjY2sme6CsgLMZyNL3YK&sai=AMfl-YT1_cfTXR0YVfP712P3DF8Czm7gaDx_cwTpMelPQBZQ-M7tQfG6C1Z1XX12rHNnYsyss1hDq37i9RkA2JwlI-D7ox7RR56xOfc2JxmNX9EhcOVf3B1BeLynYezZ-t4DEzUjzBJwM1L2&sig=Cg0ArKJSzI7kbh97-x6rEAE&cid=CAQSOwBpAlJWkBaMLI9ejEPh4nLmC2iRiO8yk3GA7-6ulpUwUG7oUZp4C_GWqAyHCGK4smepiVOKXh0Ufga3GAE&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1029&mtos=0,0,1029,1029,1029&tos=0,0,1029,0,0&tfs=830&tls=1859&g=100&h=100&tt=1859&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/zai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 07CF 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7189853841633&version=m202307240101&ct=76&x=1&cor=11128412956603080000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18ce5dea8d9fab5758d9640c2a8872cbab808655d34bee0f193831bddc4cb1be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11673
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=1622&cid=amp-udQFIlQG5LuznbBIizYJ5g&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&dr=&dt=%E5%9C%A8%E5%AE%B6%E6%93%81%E6%8A%B1%E9%99%8C%E7%94%9F%E4%BA%BA%E5%B9%B4%E8%B3%BA170%E8%90%AC%E3%80%80%E9%87%91%E9%AB%AE%E5%A6%B9%E8%B4%8A%E3%80%8C%E5%AE%8C%E7%BE%8E%E5%B7%A5%E4%BD%9C%E3%80%8D%E5%82%B3%E9%81%9E%E7%8D%A8%E7%89%B9%E8%83%BD%E9%87%8F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1694129496&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=5886&epn.domain_lookup_time=16&epn.tcp_connect_time=748&epn.redirect_time=0&epn.server_response_time=1286&epn.page_download_time=3&epn.content_download_time=2108&epn.dom_interactive_time=2108
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308242321000/v0/amp-analytics-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E5%9C%A8%E5%AE%B6%E6%93%81%E6%8A%B1%E9%99%8C%E7%94%9F%E4%BA%BA%E5%B9%B4%E8%B3%BA170%E8%90%AC%E3%80%80%E9%87%91%E9%AB%AE%E5%A6%B9%E8%B4%8A%E3%80%8C%E5%AE%8C%E7%BE%8E%E5%B7%A5%E4%BD%9C%E3%80%8D%E5%82%B3%E9%81%9E%E7%8D%A8%E7%89%B9%E8%83%BD%E9%87%8F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-udQFIlQG5LuznbBIizYJ5g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=5886&dns=16&tcp=748&rrt=0&srt=1286&pdt=3&clt=2108&dit=2108&a=1622&z=0.18962372969477803&gtm=45De1110&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 10:36:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46528
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 23:31:37 GMT
generate_204
tpc.googlesyndication.com/ Frame 83CD 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hxEb4g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 08 Sep 2023 23:31:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9FB9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40644
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:14:14 GMT
expires
Fri, 06 Sep 2024 12:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EA4F 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e9319b91271da436d4722a439f7519eb7b61310bda55e0b1e8899f1396fb6ae6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jylgm_9829iwyZls64mKKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-jylgm_9829iwyZls64mKKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:38 GMT
expires
Thu, 07 Sep 2023 23:31:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame D5E9 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IX6knA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncframe
gum.criteo.com/ Frame 567E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:37 GMT
server
Kestrel
server-processing-duration-in-ticks
528647
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-17d52"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 08 Sep 2023 23:31:38 GMT
sid
mug.criteo.com/ Frame 567E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=bg3.co&sn=ChromeSyncframe&so=3&topUrl=www.bg3.co&bundle=1OS7G19Fa2hmbGZ5VmxNdDB2cFRYMm1sTlllNnY1dlBocUlFbVB0ZmpTJTJCenEzM3hiTyUyRmRiUVJzdj...
  • https://mug.criteo.com/sid?cpp=aEGPTHwzU3k0K0VEdWVxYkhvL0V4cmQ1dUk5clNtVWVUQkRDdWVWUTR6U1ZrY2YzT1pGRUNVTVU1NEZXQTB3dVBPZDZRb01XclR1R05UMUlkaXRDelpTUUk4MnJoeFphMWVPWlMzZUVuUFZwU3pCeUpFT09oenpXa3R0RG...
433 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=aEGPTHwzU3k0K0VEdWVxYkhvL0V4cmQ1dUk5clNtVWVUQkRDdWVWUTR6U1ZrY2YzT1pGRUNVTVU1NEZXQTB3dVBPZDZRb01XclR1R05UMUlkaXRDelpTUUk4MnJoeFphMWVPWlMzZUVuUFZwU3pCeUpFT09oenpXa3R0RGRzaDVvdWsvMnkvamwvejhkNXFUSHJCWjAvc0lDNytuV1NyOFNmWEthSkRxbllmcy9ySXIvWEZSMDdwZXc3bDhTRGxCNnBIZUdWMzVRcmJuZ1NpMDBqcHJ3ekI5MExNZUx4cVlLT0h5ZVBienRjK09sWTBVL3dLRS9SRTcrSWRsZjg0dFhBN3ZjM0RrcHYxWSsxK3hFM25EajdlUWdnZz09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee2531f39552d8127ca5d2937bd2e546780c00ee8ea0c41a185fe959ca57dddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
834720
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=aEGPTHwzU3k0K0VEdWVxYkhvL0V4cmQ1dUk5clNtVWVUQkRDdWVWUTR6U1ZrY2YzT1pGRUNVTVU1NEZXQTB3dVBPZDZRb01XclR1R05UMUlkaXRDelpTUUk4MnJoeFphMWVPWlMzZUVuUFZwU3pCeUpFT09oenpXa3R0RGRzaDVvdWsvMnkvamwvejhkNXFUSHJCWjAvc0lDNytuV1NyOFNmWEthSkRxbllmcy9ySXIvWEZSMDdwZXc3bDhTRGxCNnBIZUdWMzVRcmJuZ1NpMDBqcHJ3ekI5MExNZUx4cVlLT0h5ZVBienRjK09sWTBVL3dLRS9SRTcrSWRsZjg0dFhBN3ZjM0RrcHYxWSsxK3hFM25EajdlUWdnZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
299699
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame EA4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=4347454479485159&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame 9FB9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
161958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
generate_204
tpc.googlesyndication.com/ Frame 9FB9 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kcrllA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 07 Sep 2023 23:31:37 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
195699
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
209473
expires
0
rid
match.adsrvr.org/track/ 		63 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
9647dc8943014798bcedb3f9859714f09c6b0c8adff125a308c5dabd184741c6

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 07 Oct 2023 23:31:38 GMT
sync.html
public.servenobid.com/ Frame C4D4 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-2.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
53097
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 07 Sep 2023 08:46:42 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
x-amz-cf-id
SDJtvp-G1xp4qyiEN7KtE9Kxdqdh-i27NXjgZKQE1P8mcdxhfFQUPw==
x-amz-cf-pop
MUC50-C1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame B2E3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
60971
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 07 Sep 2023 23:31:38 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3448, 342512
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230127-FRA
X-Timer
S1694129498.311557,VS0,VE0
/
csync.smilewanted.com/ Frame 63DE 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8032bf144c4d18d6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:38 GMT
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame DA42 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a042db05b3deb9bc8f9219d7789eab00b3abb930f5a9baeb5901da6a8619a4bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8472
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:38 GMT
expires
Sat, 09 Sep 2023 23:31:38 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
isyn
prebid.a-mo.net/ Frame 8A88 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 07 Sep 2023 23:31:37 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
pd
adpushup-d.openx.net/w/1.0/ Frame 1686 		0
71 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 07 Sep 2023 23:31:38 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 14ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1694129495210
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame 805D 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 07 Sep 2023 23:31:38 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 5D80 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
867
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8032bf148b862bee-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:38 GMT
expires
Fri, 08 Sep 2023 03:31:38 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7A76 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 23:31:38 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 7A76 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 15:55:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58987
Connection
keep-alive
Content-Length
10233
Expires
Fri, 08 Sep 2023 15:54:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2CAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=4411346609652208&bg=!uLulu_TNAAa6D61Rmg87ADQBe5WfOKruKTAuAVnUWdi3enh7RTUg9uzWf3GHdwOLNKNeywZhE9OjTpKJOME_9KW8LBZPAgAAAepSAAAAB2gBB5kC2rYnPRg_M4i09zHOcMYYS0_A18WMacwVIW_xu2eI-hM_HMZeuh50qpAqOZ4XPwIQgMTsDiM-mbJ1mymJbxF88MgFZ0ceKEG-f20kvi0PhkwG6BAtpOL2MwP_W0ctAsanXCcTZoAEkzL1xgHIdVArKJIP7tmfIdX-nGvnSohiNBKwCyJPB4LZMshVwZfiSIfuAWczq4dn8XDrdVK_uT-p12ZuvG1tcTjXQmo6syYSrhTjHKiC9jcNTfNRMeB60JdRc6h0X6x3QBl84aVKYxZQbeQ7YQJmT7nC3Yr3Pp1UmJB9mZq9zB1Z6ejkBgGYNZ53fuCKj8i537dJa3QP_HttdU2O7kG4hopTreyKh90dEWHvwxT4F2av8BVl9EVVcWIZLjCxrBsKvXOXg-6AUt1Go9mbvptzKGAPgA-ijvm6qFkan6h3wOSAGawmX9F6eBO-7gUMKGwMogkcPo0BPLQ2k1PsRsEiYYAeaeOxPmDN0Smdu_pUyiMANi6dRuXfHRC_NdHZlzaZg6WYx1-lFCVTwVXw_1ornWopjbQjfZjVZeq7yYu6xLnpTU1j_Fw1Vg02Sk5sv-Mc5pYwsuZscjIFsaNqmrWoorgQr-yovDJTlX0d46wds4FWtAikxRPVWlBbElgxZcpWFUU2v97jsINju1LRpACKDGHwf2b-ZJbRY2czI4tJS60qrWOuSKX_4JRszopsTiZebY17DaUfUF8AsHCLJ8gPbs-BoeSVzLFWwUVDElbgwGnG_TZkLMQrG_5T_wXVPOqW_RMr_Cm3eFCsR8HOn8WUYILPgpbPn8dDiMcqO46bEofbF1NWiPaNPXVolXT5nQQexnYiF1hupgUZoQA1tJb9r8IGA5ITNN28rTSYGibFbFfZJRpWj8NeTg4suCQwziXkAS3Aq6WWS45RafO2dXa4_2hFj_3uGADCYUEEdmuWTv9dyf8s5rckVjM38n-pxrgTeJXSRHU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 63DE 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
556685
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8032bf14bcc318d6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame B2E3 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
an-x-request-uuid
db29b9e3-e526-472f-8438-1319e1679636
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
13926
g2.gumgum.com/usync/ Frame 5540 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.97.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-97-78.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ffe7641077fd6a0889ace0490c776cb6fa3688892ad8595383af364a255756c5

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 07 Sep 2023 23:31:38 GMT
etag
W/"0edc590cbacfc06555c323920e4275032"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame CA08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 3053 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
1bd79c76542de307f390d6dcf3a77a29f05c4b7a6dbadd6fcbdfd30f90406547

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
1161
content-type
text/html
date
Thu, 07 Sep 2023 23:31:38 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4CBC 		2 KB
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0ef6c597f965ce39c4f1ee84c911c3ce3c47917b1f9aa78a30bb3c29091345

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8032bf1509d0373e-FRA
content-encoding
br
content-type
text/html
date
Thu, 07 Sep 2023 23:31:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pfwcmerrnxRWU7YjcyfC66orujKDrDrvtxmLpKN0Uw526X7L2VN06JTS4st4GTURPouEYAIKEjYrwH1Cd63r2MyfopBrEq3Sn2NMrgl76EQ2oWosHqc8FR8qJhRrEDO0Qrnxf%2BKqhURaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7E3F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 23:31:38 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Sep 2023 23:31:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A985 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19454
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 07 Sep 2023 23:31:38 GMT
expires
Fri, 08 Sep 2023 04:55:52 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame F241 		0
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3a00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Thu, 07 Sep 2023 23:31:38 GMT
server
istio-envoy
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
x-amz-cf-id
emHLLXHvl2PkmGmQFtgozdaBY8PN0DbRCtoInNnd48e6s5Suy3DXAA==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 2A89 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Thu, 07 Sep 2023 23:31:38 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 9084 		0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.234.116.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-116-116.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Thu, 07 Sep 2023 23:31:38 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame C4D4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3572860629678642372
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3572860629678642372
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
an-x-request-uuid
834db02a-c5be-4b52-8571-22e07bd909b7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=3572860629678642372
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame C4D4
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HSKjqRZHiwqErkirRbG4O-ZU
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HSKjqRZHiwqErkirRbG4O-ZU
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:38 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HSKjqRZHiwqErkirRbG4O-ZU
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame C4D4 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 07 Sep 2023 23:31:38 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
sync.targeting.unrulymedia.com/csync/ Frame C4D4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1694129498460
  • https://ad.turn.com/r/cs?pid=45&rndcb=6943882541
  • https://sync.1rx.io/usersync/turn/2607227653098436665?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
sync
ads.servenobid.com/ Frame C4D4
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5142336725121148145
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5142336725121148145
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5142336725121148145
Date
Thu, 07 Sep 2023 23:31:38 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame C4D4 		0
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.35 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-54
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame C4D4
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
occ
ups.analytics.yahoo.com/ups/58559/ Frame C4D4 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58559/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame C4D4
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-2655afde-901b-3cc2-8da9-36e761a51802
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-2655afde-901b-3cc2-8da9-36e761a51802
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-2655afde-901b-3cc2-8da9-36e761a51802
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cache-control
no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame C4D4 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58632/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame C4D4 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.250.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
sync
ads.servenobid.com/ Frame C4D4
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 07 Sep 2023 23:31:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Thu, 07 Sep 2023 23:31:38 GMT
pbs.gif
sync.admanmedia.com/ Frame C4D4 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:39 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
usermatch
ssum-sec.casalemedia.com/ Frame 257C 		2 KB
949 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242c5465ba8b3bbf233eb01f0aa4d6dc554007e6a0e6ab73d13ac35b2f02ec10

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8032bf1529db373e-FRA
content-encoding
br
content-type
text/html
date
Thu, 07 Sep 2023 23:31:38 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G%2F1dRytAsQaNc0iv7774Eb6fecCYrYAErMlFVRRJVFJnutQqTRIYzY9Ai7Fakkf1KnDKW%2BXFK%2FGCN7pczgyxnyrinN5n5n53sX2koQFCDiReMwQPPqYNSAvh9nvAybWWxPEcD5rqB8BZg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ads.servenobid.com/ Frame 3053 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=4675748140497970013&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 3053
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09892204009609dc57dd879c&gdpr=0&gdpr_consent=
43 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09892204009609dc57dd879c&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=09892204009609dc57dd879c&gdpr=0&gdpr_consent=
date
Thu, 07 Sep 2023 23:31:38 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
e09bad714a425a93d6dea503dcf9c528.gif
cs.admanmedia.com/ Frame 3053 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:40 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
/
rtb-csync.smartadserver.com/redir/ Frame 3053
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=c1c36605936ea024411bc75398341792&gdpr=0&gdpr_consent=0
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=c1c36605936ea024411bc75398341792&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=c1c36605936ea024411bc75398341792&gdpr=0&gdpr_consent=0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
0
expires
0
/
wt.rqtrk.eu/ Frame 3053
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4675748140497970013&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4675748140497970013&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
141.95.32.72 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
haproxy-eu-005.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
1
content-length
43
expires
Thu, 07 Sep 2023 23:31:37 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=4675748140497970013&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
activeview
pagead2.googlesyndication.com/pcs/ Frame BF8F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviFKUKEbqcTnpCMqAp03uoJsD289UXo_MaKv5QcX_o8As46rInXbf0LAQm0Rxge54bX2wfVEzLX6lQwUNzdfO91PuM8vbkP66dgJjtB_a2lkBpp9S81HPQxuEl4uVoPKuwlX3AQGYom22h&sai=AMfl-YRbKiTBt5Yj-xprNX6TdVAti9Ac7bUhbvayklUGL-qVU1neL3mT5ZITWdbxcGLZr_dSlDMNi9X-xOqD5Dv0IO7leB-6TSO9Y_xp7TUKFFxqifzXPqhgGBZBAKI&sig=Cg0ArKJSzBg39BUC_SYGEAE&cid=CAQSOwBpAlJWKKBOwDe6r7GNtT97BKFzK8pP2ImukMt-RgKw_D1krWaNYPkd1dxsRpT2Pl_s9eBCS7We2N_JGAE&id=lidar2&mcvt=1030&p=0,0,280,336&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694129496559&rpt=771&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7E3F 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 15:55:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58987
Connection
keep-alive
Content-Length
10233
Expires
Fri, 08 Sep 2023 15:54:45 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4CBC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 4CBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPpdV4YSjHrx9Y_tzH4ncgAADLsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENqqLPhvW7bc73bHivb41Y8&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENqqLPhvW7bc73bHivb41Y8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qz1S51v2EETfZ8ZSXWDVFS4RrOcdN6ADIjSMxPCDqV0CfnEYS%2Bmsn1Mrqa02nWHbxN14KZWv4Whz%2B3ewPMTSGuAzXHLR8%2FVTWsHNErTC%2FaGI3FFEgOu71mACOdTB7uRD7E3dPd3ShNn4sA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8032bf15ddc99b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENqqLPhvW7bc73bHivb41Y8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4CBC 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPpdV4YSjHrx9Y_tzH4ncgAADLsAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:38 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WFYRBVVQ6ESE6YA1NP1G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZPpdV4YSjHrx9Y_tzH4ncgAADLsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4CBC 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPpdV4YSjHrx9Y_tzH4ncgAADLsAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:316a:16ef:4691:e00e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 4CBC
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZPpdV4YSjHrx9Y-tzH4ncgAA%263259&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8bb7a736-45d4-4158-94b2-130759ce91a7-tuctbf3e2da
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8bb7a736-45d4-4158-94b2-130759ce91a7-tuctbf3e2da
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXskPi7oUkNKfqB1IktyuFc6YCLGojnUSLItA5Jl5p6C%2FWYIO8ZrPtzp43M8WSEEKDGtiBmluRSYfc6E29laZHOuvQz9W%2F7jNeQG%2FDiTnTByIbfDTnLUVfGLikLEVtBV5KVk6QOHcbZkGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8032bf15ddcd9b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8bb7a736-45d4-4158-94b2-130759ce91a7-tuctbf3e2da
date
Thu, 07 Sep 2023 23:31:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14865
ix
ad4m.at/ad/sim/ Frame 4CBC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 4CBC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1733739090128167800&expiration=1695339098
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1733739090128167800&expiration=1695339098
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCCuTEcnS4GpzBXarf5SFZsdbtYWvdATMvGGZPPiFacntvMuYuKBFjYMV6GqN%2B85GHLNs1vCTMbO1FCGsCUlIv8fNBs5BctXo4LjQfFUHXunsJYslh6jUk54XqjvPxbRE%2BarTFWAkOa3gA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8032bf15ddcb9b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=1733739090128167800&expiration=1695339098
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
bridge
cm.adgrx.com/ Frame 4CBC 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
sync
ads.servenobid.com/ Frame 4CBC 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZPpdV4YSjHrx9Y_tzH4ncgAADLsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 257C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3572860629678642372
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3572860629678642372
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YI5OJgB7xpdT8jC6TAC87qDp9ieR3Ar%2FcbPMT2nSTli%2FLUAEdv1qW1G%2BcbR0mZ%2BcqjluLcnDVKokg0WcP6mbqAH9AblrOg1xNZs0nIhZaaJ9S8mELDIXJT9vIiiB5KTI2YLUZdp5LJt6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8032bf15bda89b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
an-x-request-uuid
caa736e8-b8f0-4437-8faf-bcefe07c6d83
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3572860629678642372
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 257C 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPpdV4YSjHrx9Y_tzH4ncgAADLsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-202.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:38 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1694129498446058-367
Expires
Thu, 07 Sep 2023 23:31:38 GMT
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 257C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZPpdWgAAApCUOQA_
85 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZPpdWgAAApCUOQA_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230110-FRA
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2225
x-timer
S1694129499.705884,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
3403

Redirect headers

x-served-by
cache-fra-eddf8230110-FRA
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1694129499.576714,VS0,VE100
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZPpdWgAAApCUOQA_
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 257C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFCXE7J9LsAABSEx-088g&expiration=1695339098
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFCXE7J9LsAABSEx-088g&expiration=1695339098
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oy1zGb0EdUxJ%2F8manwv6racEvnPnW61hyAQaQ9DmOanfyJHE8x97HhQ8zPc4thCDQvCHBmtGFefMT5Qy7p%2F6abkJL4jTXr4xyQvV38F1bQubPoKbOiR%2FTMG2XkgwAob8LpC87%2FbMPzhJ2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8032bf172f179b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFCXE7J9LsAABSEx-088g&expiration=1695339098
Date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 257C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZPpdV4YSjHrx9Y-tzH4ncgAA%263259
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZPpdV4YSjHrx9Y-tzH4ncgAA%263259&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=GO0b8QcSlc8qj7wsEJXn&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZPpdV4YSjHrx9Y-tzH4ncgAA%263259&tc=1
43 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=GO0b8QcSlc8qj7wsEJXn&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZPpdV4YSjHrx9Y-tzH4ncgAA%263259&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hx4zucbWWjGE8%2BhZPdMKIvHXmsKiMlRjfQ%2F9FUjDun%2BAgoDCutL7UtFcT%2FJHPICPoJuhQ%2FrWg%2FZhn1wGOyAITrC04h2ImiSiBvZOJ%2BDP%2FkOYofsCaNDiBFSJJ7h907DZeDn4mb%2FEwVXoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8032bf165e2a9b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=GO0b8QcSlc8qj7wsEJXn&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZPpdV4YSjHrx9Y-tzH4ncgAA%263259&tc=1
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT, Thu, 07 Sep 2023 23:31:38 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 257C
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709854298&external_user_id=2d3e8207-cb56-40b8-bda1-a044019df1e6
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709854298&external_user_id=2d3e8207-cb56-40b8-bda1-a044019df1e6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmeQv3OM1l5%2FHXfL810f5cbVWwXuLRv5%2BfuGB2m0sLsEkwqnXzrfxzbl6%2B4NXV1TEUEJd3XBqRN4mCeSCIvLDt7%2FOGSqfxHi4BgHaZGXKisJ5s0DBCqnj0ZT5zmR1ws56bX7EO1sRjO4cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8032bf16ee8b9b8c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 07 Sep 2023 23:31:38 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709854298&external_user_id=2d3e8207-cb56-40b8-bda1-a044019df1e6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
sync
x.bidswitch.net/ Frame 257C 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
crum
dsum.casalemedia.com/ Frame 257C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3572860629678642372
43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3572860629678642372
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYomkUb0PHGDgybw55Zokq3nTBkGFtf8FmMrnY1bR3DPrK5APGFJXLGAEPHiPZDxVz7XnhkfMyOzY6FEfrXKjuqmNoweVKIS9ljWJUucS1tYQgjfBZYF04azCe87%2BtrU00ViTs9K"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8032bf160a72373e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
an-x-request-uuid
e991cdcd-4a9c-4c58-9f1c-58eeea94faf9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=3572860629678642372
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 257C 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPpdV4YSjHrx9Y-tzH4ncgAA%263259
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
17332
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8032bf15ace72bee-FRA
content-length
43
expires
Fri, 08 Sep 2023 23:31:38 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A985 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86411867&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
adde0393fd093085ac684eac270c149bc04554c4beb2c40c4d8e4be94d614104

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
drop_cookie_sw.php
csync.smilewanted.com/ Frame 3215 		0
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8032bf159d8818d6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:38 GMT
server
cloudflare
vary
Accept-Encoding
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 7E3F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LM9SYKHD-T-IVD0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/usync/ Frame 7660 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usersync
usersync.gumgum.com/ Frame 5540
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3572860629678642372
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3572860629678642372
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
an-x-request-uuid
06296fb2-a5ef-45a8-a1bb-3a88db45b02f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=3572860629678642372
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 5540
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=65ekLOjH93rwlKB865rve-mQpCjwl6Av5Mbq-bBH
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=65ekLOjH93rwlKB865rve-mQpCjwl6Av5Mbq-bBH
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=65ekLOjH93rwlKB865rve-mQpCjwl6Av5Mbq-bBH
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
syncPlatform
sync.outbrain.com/ Frame 5540
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%280uZuSOsH3-MpKlPs8s3IKLRqTjeNVQ6r2bC-vhNCGdRD4n0HVxKKNHjQryjvku7U%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab&obuid=ENC(0uZuSOsH3-MpKlPs8s3IKLRqTjeNVQ6r2bC-vhNCGdRD4n0HVxKKNHjQryjvku7U...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:39 GMT
Cache-Control
no-cache
X-TraceId
92fe51e2e1f414565f01df74a78f05b4
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Thu, 07 Sep 2023 23:31:39 GMT
X-TraceId
9dfc3aae0ff35feca6d8f465744fba56
Content-Length
0
usersync
usersync.gumgum.com/ Frame 5540
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e0b12450-3a1f-4716-9c41-8509f365b41b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e0b12450-3a1f-4716-9c41-8509f365b41b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 07 Sep 2023 23:31:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e0b12450-3a1f-4716-9c41-8509f365b41b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 5540
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-2884023a-e3a7-5da7-40de-f1c284ebb887$ip$138.199.38.133
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-2884023a-e3a7-5da7-40de-f1c284ebb887$ip$138.199.38.133
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-2884023a-e3a7-5da7-40de-f1c284ebb887$ip$138.199.38.133
Date
Thu, 07 Sep 2023 23:31:38 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 5540
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-JIZG0g1E2pe9FOAmFgxi_SN_ic5E6ca55ZPP~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-JIZG0g1E2pe9FOAmFgxi_SN_ic5E6ca55ZPP~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-JIZG0g1E2pe9FOAmFgxi_SN_ic5E6ca55ZPP~A
content-length
0
usersync
usersync.gumgum.com/ Frame 5540
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=6964e0f5-6bbf-455d-b9e6-f5726177da0a
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=6964e0f5-6bbf-455d-b9e6-f5726177da0a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=6964e0f5-6bbf-455d-b9e6-f5726177da0a
Date
Thu, 07 Sep 2023 23:31:38 GMT
Connection
keep-alive
X-CI-RTID
f35d3cd0-2276-4de2-a5c7-1d5878efeaff
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 5540 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 5540
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=N9JmkYzpgSaJabWXDErs&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2TRZJJWWWWL2OBTVGYKKMFRFOWCEIVZHG...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=N9JmkYzpgSaJabWXDErs&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=N9JmkYzpgSaJabWXDErs&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:39 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:39 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=N9JmkYzpgSaJabWXDErs&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
server_match
ad.360yield.com/ Frame 5540 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.247.148.218 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-148-218.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Sep 2023 23:31:38 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 5540
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=TwT4weuO7v17&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=TwT4weuO7v17&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=TwT4weuO7v17&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-clmxg
expires
-1
usersync
usersync.gumgum.com/ Frame 5540
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4675748140497970013
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4675748140497970013
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 07 Sep 2023 23:31:38 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4675748140497970013
date
Thu, 07 Sep 2023 23:31:38 GMT
content-length
0
sync
ads.servenobid.com/ Frame 5540 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 2C33
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZPpdWgAOncThHABY
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPpdWgAOncThHABY&gdpr=0&gdpr_consent=&_test=ZPpdWgAOncThHABY
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZPpdWgAOncThHABY&gdpr=0&gdpr_consent=&_test=ZPpdWgAOncThHABY
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Sep 2023 23:31:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 07 Sep 2023 23:31:38 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZPpdWgAOncThHABY&gdpr=0&gdpr_consent=&_test=ZPpdWgAOncThHABY
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230110-FRA
x-timer
S1694129499.692047,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame EFF1 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85ZDJmMTNmMy1jZjljLTQ0MzItOGQ3My04ZmQ3MjJlNzdkYWI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:38 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8285 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=19454
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 07 Sep 2023 23:31:38 GMT
expires
Fri, 08 Sep 2023 04:55:52 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame CC93 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 07 Sep 2023 23:31:38 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 8B21
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPpdW8Co8XwAALBbAXMAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZPpdW8Co8XwAALBbAXMAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Sep 2023 23:31:39 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 07 Sep 2023 23:31:39 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZPpdW8Co8XwAALBbAXMAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40303.dc2p.scaleout.jp
X-SO-IP
138.199.38.133
X-SO-Key
ZPpdW8Co8XwAALBbAXMAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZPpdW8Co8XwAALBbAXMAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40303"}
X-SO-LB-Hostname
m-tgng24.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40303
gumgum
cs.admanmedia.com/sync/ Frame 4185 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 07 Sep 2023 23:31:39 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usersync
usersync.gumgum.com/ Frame EB1D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=2mYy9MbVjkLho1MaObdH&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=2mYy9MbVjkLho1MaObdH&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Sep 2023 23:31:38 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 07 Sep 2023 23:31:38 GMT Thu, 07 Sep 2023 23:31:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=2mYy9MbVjkLho1MaObdH&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 8970
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 23:31:38 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Sep 2023 23:31:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
ap.lijit.com/ Frame A655 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 07 Sep 2023 23:31:38 GMT
X-Sovrn-Pod
ad_ap3ams1
sodar
pagead2.googlesyndication.com/pagead/ Frame CB6F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=2931742858660810&bg=!ubqluvXNAAa6D61Rmg87ADQBe5WfONvcDAVNvBmfS2gzmqKgJtA8nvWJ6LhkH7rji2Lkc9ro3_-8Q2zdAWGWksOW4TfkAgAAAMdSAAAAB2gBBwoApBtlzjm4IIVq1iEiLVGX1G09GNr3ma7uXoVBAx5OGbdD8zupkuO09pSHBQtdJu27CnrdjVPbwX1dnUnh2avMa61lI5lYUYIabGxBaDnp4PVgi-fdGN05Lx8v-PBR3TNNNZYbEysQtigbm3qNQhCFPxnZALClQy0AeXwydzjWlGQSFV-hjCRHilP0H5RDlcBQ5CyxrO-Tx4M2kk2Qc0Rg5TmPt2FamQLZKdsiPtmO6mRnr77nMTlDoi9veC1MFv8o1vLnzQNlzu3OxpPsw5-VFy9x90_xyUl4-TqIL58Bt5uMbkjMfiwL4yERzzBetitQ4nQQuDUwrWqcg1MRgM7iMPQahzUcBcWZX63iijyWaN3s0xVUu9wCdNcxw9tkDUEE7AjDrPHPlkWPTTJh10gjRiVr41WkksU9Oe9nlQEo7u8jLOPW3sik8eT6S_RuTN0jiAKwpe8vzvF4vEcrzgf7Zh4Yweh_h0F_eAMkumNiHmSbeyyp3NFd1OZCviBuOsJgKFTBm2OdVElUKYPBVdw5rBWwBwzdd-D52rQ2K_6utNlA3frEcqrik6mfI23xJ0k4uoxAtgaxQ2h_7qZyTQ5IWIRO03udMMzG9lhQVdqlj0YbD07AsH2KQVqfqv0Q0QV30Z5NnhjCY3JCSqb1o7siI_rifOG55Z8nmKszABppFk07EPABYJlfhSXGAGjwlYsYvKrYNGXLzaE-XqsKxCh7sjCccGGt_xjf3-ra1f7wcKAJN9lVGIA0ACh9Uttn6DUNw6r4dO1MszeOPiwTJt_toM2zjy6Z1X_lj2Mgl9xj7Ztjh1gmKneDOSSDJnjbHsz5lHAkIbursmNZvp2rCs_7_7lEE3novzUspCsix_4zSJrvURxT5om1gDekTnXCXezvHSa7HRyrcFBseWbfvME5yB5QjH2GyekI4eQrRzxFsIySKd-MGTzF3TW--brazlk80v21WebkDrHf3HRdIXg0CP2IqLpySOf3aW6TaAAXhK5DtlwcXS_SVmQdDlf7ds9dshB3FEYJS_vXCniacqItTq6YEFym0k04GRLhvJtgxii95NE_SDcuslFNlwlWVExvd3kMxA5fph_QXbQVIZbTJJs-GweP_OGnIzxP9lj1AiWpLH1oIRk5PQqGdVgKYbVLhKtelDIPb8Ep9PdSEoUy0a3LulywtfBxpUPwwfXpgPwX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 541F 		714 B
751 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
5371
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8032bf163fe59244-FRA
content-encoding
br
content-type
text/html
date
Thu, 07 Sep 2023 23:31:38 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDbLGhe%2BaMQRiMCgYoZYnVblrzlgYpvDGKCALY6Fs%2BvDA3COqycWZkM3oDH53shwEFLGVgx8%2B%2FgFiRtivjjqMXuXJ%2Fl4c8NrJ2dJQrmXrz10%2BnD0jbeKTPeQRJZ96qg1i80rhx53A1vDqgLMEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 74B1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 23:31:38 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Sep 2023 23:31:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Thu, 07 Sep 2023 23:31:38 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 1552
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:38 GMT
expires
Thu, 07 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
588153
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6D82 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=28B6492E-5EA6-422D-8273-13906E0D69FF&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Sep 2023 23:31:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Z984AJAV17PXYA78TENX
Pug
image2.pubmatic.com/AdServer/ Frame 6E4B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OnEKpDkhWfIhcg70OnxB8zh2CqAhcQ6nNSClvCLY
42 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OnEKpDkhWfIhcg70OnxB8zh2CqAhcQ6nNSClvCLY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 07 Sep 2023 23:31:38 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OnEKpDkhWfIhcg70OnxB8zh2CqAhcQ6nNSClvCLY
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
sync
ads.servenobid.com/ Frame AF9A 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=28B6492E-5EA6-422D-8273-13906E0D69FF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 23:31:38 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A985
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KLZJLl6mQi2CcxOQbg1p_w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=19454
accept-ranges
bytes
content-length
5606
expires
Fri, 08 Sep 2023 04:55:52 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame A985 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.147.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-147-201.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.21.114
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame A985
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1662117902
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=28B6492E-5EA6-422D-8273-13906E0D69FF
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=28B6492E-5EA6-422D-8273-13906E0D69FF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:37 GMT
via
1.1 google
last-modified
Thu, 07 Sep 2023 23:31:38 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=28B6492E-5EA6-422D-8273-13906E0D69FF
date
Thu, 07 Sep 2023 23:31:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame A985
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=28B6492E-5EA6-422D-8273-13906E0D69FF
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDQ2OU5naFdIcUZUZGlhdngxZjdOLWF4QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1733739090128167800&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
54.147.123.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-123-103.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:39 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 07 Sep 2023 23:31:39 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame A985
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjhCNjQ5MkUtNUVBNi00MjJELTgyNzMtMTM5MDZFMEQ2OUZG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A985
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBeFBqqczCyGHtG3bMUxsfQ&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBeFBqqczCyGHtG3bMUxsfQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBeFBqqczCyGHtG3bMUxsfQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A985 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 06 Sep 2023 23:31:38 GMT
generic
match.adsrvr.org/track/cmf/ Frame A985 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame A985
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1733739090128167800
42 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1733739090128167800
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1733739090128167800
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
28B6492E-5EA6-422D-8273-13906E0D69FF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A985 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/28B6492E-5EA6-422D-8273-13906E0D69FF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:316a:16ef:4691:e00e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame A985 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=28B6492E-5EA6-422D-8273-13906E0D69FF&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 18D9
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.249.8.201.138.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Thu, 07 Sep 2023 23:31:31 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:31 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
usync.js
eus.rubiconproject.com/ Frame 8970 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 15:55:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58987
Connection
keep-alive
Content-Length
10233
Expires
Fri, 08 Sep 2023 15:54:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 541F 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af93646126dea6cacd97c688ce5de518b1d264ebd1774efbc879072e2759e93b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29015
x-xss-protection
0
server
cafe
etag
206 / 19607 / 31077684 / config-hash: 6691085259580024239
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 23:31:38 GMT
usync.js
eus.rubiconproject.com/ Frame 74B1 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-251.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Thu, 07 Sep 2023 23:31:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Sep 2023 15:55:17 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58987
Connection
keep-alive
Content-Length
10233
Expires
Fri, 08 Sep 2023 15:54:45 GMT
RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 9E8A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=4597388745
  • https://sync.1rx.io/usersync/turn/2679285247136364601?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-b4a7560b-0320-4864-b124-6d9...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
0
685 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8032bf18980118d6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:38 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Thu, 07 Sep 2023 23:31:38 GMT
etag
RXb4a7560b03204864b1246d95688a1d0d003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
97eea2f0-7093-53fb-bd1b-5e3bd9e10363
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 5D02
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/97eea2f0-7093-53fb-bd1b-5e3bd9e10363
0
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/97eea2f0-7093-53fb-bd1b-5e3bd9e10363
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8032bf17af4218d6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:38 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/97eea2f0-7093-53fb-bd1b-5e3bd9e10363
sodar
pagead2.googlesyndication.com/pagead/ Frame AF02 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=3207185805670866&bg=!DQ6lDkHNAAa6D61Rmg87ADQBe5WfON5OmmMh8oC2vnvW-Fdjg6coxzi86N_qVzcAa_zJLYdbOD-x9IODKttcejTicFcHAgAAANdSAAAACGgBB5kCxnedP578SRV3UIT0jrynPH-ikGOgWG1N-5mbC8ag2EbUnRO9NFBU8v27oyUkHR9Goo-ZOWqFgik2cD4K6eNlIlO68kGgkKNSfz7sUx_Es2CBF3iS5ANQTvBb7Qqc1UkcvA5YML3lKB9KPCd4geylO_qmJFQ9xwTkXMVxynQpDfM0WzRZbfPBoyjy0RYYZzSH7LNN0SDuj_85I5loxhHKdLnQqlgyYPscwC9mAib9v7xuh_aXZFy9ZzRY7ASMY1mj0pBDLCTqta9GmGvQiBTknLomeazCSpGbAQyIO4I42Q2eETh4EdLZdH2NJaOQsfdmyZHNQaMSoIhSRR2G8Rv9fWtsWQOD9L6z_ki2Rqzh97KVg_AX-P5pGTiuPUukSvebOiPXZ7dvgjlALZT-gyY8QRTuppOQSGNtuGkHoqW4OdZVSnCO-Z0qEZi_T63IXmHLamVCFuEFFJvKTA_aXaujjabcGldLDPlRGMklFIywthbcYWsIxWrN30zoLugd2QOsI3QymyoeAvp7OSsht6beOreP_QCV8DL6kAtxBoP28AGZunwEllzm_SJ104yePboid8_kfrWh9bCSzkTIFJNh_SH6K3lbmrc3nCVxy4EudY0oMTo4IxAsJCHAhdx5qMlZp2FhByyWRgFFGmbyDwpmvmmvYuUDg1ehaCU6FRzlmXluvr7MNxc5lNWm2zwHrfRlfMlSCULirRDVdqaZdDBzidtKQConXWzzC9yqZ8whwWmGVrHmnJRb7tIRcjM2PFj5uxP0xe9HenJDz5LaDCO481vTqzRqJ-RligGKw44EJUfqEP6S0V3P3JSffJiYi5zYxSflAmnKri9ISt3FZ0H4ETrnWI89cxsUqKo5HkPKx1DMbL7xbmh_s1wJjNIoRVK8UFG0VNY8Jc5QrD5WlS1hLN-OgyWPNHfbmh2IGhFWMSMVQkBYPB9c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
sync.php
pixel.rubiconproject.com/exchange/ Frame 8970 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LM9SYKHD-T-IVD0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694129498747&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1548&pt=2002783584&tz=120&viewable=true&ddast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vF!nonrv_vA!t45!testmsn_vB!ufm_vG!ufrlt_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6fbeb05c4cc314c1f1f44fe0cc82b1ba5369178b241ef5621d8a4c92dcb44256

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 07 Sep 2023 23:31:38 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1439
x-cache
MISS
x-served-by
cache-fra-eddf8230073-FRA
pragma
no-cache
server
nginx
x-timer
S1694129499.751725,VS0,VE48
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
smwt256.gif
us.ck-ie.com/ Frame 63E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 07 Sep 2023 23:31:39 GMT
Server
nginx
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=4347454479485159&bg=!S0ilSAfNAAa6D61Rmg87ADQBe5WfONYCtY3A1c_rDldA0lSBLyWvwWNk37po3Ifn3h0E3VS65sGRLVXJRaNbqcd7Bz2JAgAAAGhSAAAAB2gBB5kCrS3kG2Guw0YlAS8OKFukhFbVxyubnu1SakXYLMeFaBjenMuuOf4wUZK4pigNm1PoEFDG28qyKdLyacvuVatPuREfmnO3uGIJiKGf9aX0yPigjuO5cctNGxhjpMwC9MVtkXlcPlTbfFKjGo-gFmAibhPGBhIExPIzeyFe9NUjPPAELZuFQiMGNfLnTxQF2KNzkwt1mpaA9vPeXnfjoHcARu4-aS_Az2vx7ot9YfFplojZYCUdhLavUNxrBM41B0Wk8p6O3o1WrjUMeriFU6SIn0fRxPOXcJf0dyBtlu5FS9IGxw3apj3zWroXRAnKrTgjsBWhSM5ocgqmQFbeShbnN78oKv-g9z-dbc5Zld6Y2AFfbgYfXUL1CWHCR0wy-w-gpR5WPhoppqRmgcwo2a5DWSr5xXdNgS0jOP8a3R1sK7cerWNjjWf8FsjYpkMJTmLsh-RhyO_VmG5vfwwDhy9iIQOIdkbt7gi2sI8Tr5t9Qc_LRCHXnbANBLzcpgz19v0YDerud2L-uXJE6HyWXbk80ihsjIzyio2rVBof-mxPD62mg3Z9aGkRYm0p1ZtLApX0HBNxRzpwloJa2jZ4CaFzrpTQohv0kWIUgTGjMXuBbkM_QIPzgxtA_mKuyCB-yfG79rjvxuWjjn4MtCPhb9-4z8PYAgNa1UPcwvY8um8Ku4DUiylZ192Rzzl6JgadS-HMmNi-H65acCSR5ThUehqqX4g5wYOrwAduDj2255KjBl1vQq3TiAu2Uc1SxSpBXiCLnmFPKun9g3Ntst3YvgNe6mO7RQjhiLjaa0lg7_JT91YXSBP0OCy3NBhutUvWIIe4gHTFh_2I3BJJJuxHP_fkpgluvTn7rJZg-MKnI0nD_XHB1WMJUniko6ss-kIomhn9C2cIOsckEoOOBMWz7oo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/ Frame 541F 		407 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
540dfacb5653359db263f2d751b3494596b42b5acae30bc379eec33e87ed40bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 10:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
46494
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131474
x-xss-protection
0
server
cafe
etag
4360487527687814013
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Sep 2024 10:36:44 GMT
1733739090128167800
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 3308
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1733739090128167800
0
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/1733739090128167800
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8032bf182fb318d6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:38 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 07 Sep 2023 23:31:35 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/1733739090128167800
server
nginx
8310279cf12a4acb628b2a19c4ba7d6
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 1FBD
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/8310279cf12a4acb628b2a19c4ba7d6?gdpr_consent=&gdpr=0
0
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/8310279cf12a4acb628b2a19c4ba7d6?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8032bf187fe918d6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:38 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 07 Sep 2023 23:31:38 GMT
Expires
Thu, 07 Sep 2023 23:31:38 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/8310279cf12a4acb628b2a19c4ba7d6?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1694129498919013-339
v1
match.sharethrough.com/universal/ Frame 37EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.250.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 541F 		492 B
267 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1942622106207239&correlator=4068262428889894&eid=31077647%2C31077684%2C20222282&output=ldjh&gdfp_req=1&vrg=202309060101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694129498952&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=32ng2zajn2zr&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qNq9UxXujjWN0_lyxY_cmgatTRyJOWq0K47Ga7_hU1ryF-tZl6RLuNnY7lGsIXpnXOiSVyRT49RoXlnkR5OTqFrZWlCYsok43dv4znXTfuQZmzLEaK3gWy1WWLPypQzYG7Chqbx6DG3L4qGo4ML9dWXTiMakc4Lri2ILlh7aZtUnzGb_JroZ9U_Sx1AxYHXFybJtCWqzoiH_Wfd8FRR4_8YeWo&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1878628839.1694129499&ga_sid=1694129499&ga_hid=146338167&ga_fc=false&dlt=1694129498655&idt=186&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a73d2e9ef4240942463b620e0e5b732f11084447933bb76a0b011e5d76640a7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 541F 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58f58d750915af5cdbdb6fd74c754c2ee38b68432de3925e7888b4c2ce1d3693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11764
x-xss-protection
0
container.html
3262716b395e46bd391e32c00e9a6b1c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 52A2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3262716b395e46bd391e32c00e9a6b1c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:39 GMT
expires
Fri, 06 Sep 2024 23:31:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
smw888.gif
us.ck-ie.com/ Frame EFD9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 07 Sep 2023 23:31:39 GMT
Server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 541F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309060101/pubads_impl.js?cb=31077684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 23:31:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C262 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40645
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 12:14:14 GMT
expires
Fri, 06 Sep 2024 12:14:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4759 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b9b8d6d316f3861ba3e0f8c554b96a7adcdd1112faf0ec641be590c551f1c65e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ABHhj3wFYTWkws0DSJ-M7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-ABHhj3wFYTWkws0DSJ-M7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Sep 2023 23:31:39 GMT
expires
Thu, 07 Sep 2023 23:31:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
pagead2.googlesyndication.com/bg/ Frame C262 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/81CWfJXVKlsu8MGYrMOugZJXbT_ZbGgEcWoW7e6PqgM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 02:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
161959
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14745
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Sep 2024 02:32:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4759 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309060101&jk=1942622106207239&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C262 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tMNbLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
async_usersync
ib.adnxs.com/ Frame B2E3 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:39 GMT
an-x-request-uuid
1daa9a55-f871-43f7-98ca-d389ad472323
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 541F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309060101&jk=1942622106207239&bg=!rK-lr-DNAAa6D61Rmg87ADQBe5WfOAbfz0fXzR5tmDNquIsSkGe0vwg8Dg6XxjB6zRPvPR2xI9Zs_ydYgY7gj7Nu4dzVAgAAAGBSAAAAK2gBBwoAdHS0BpNH4WC2i_CoolchUm-87m7TMNg0o7HzSTytuFZVwHMsOLrtykfscGn4adXWqlpem4tlSxZmaBzFt8DrlbNfEUSKW0Ep7Vb3CE3dNje3lMod3U5JQh9g6FKw-M0FZS3hlSwJtCYzlU-REA7UZ7pCyZqwmQLlTIGVsoYJJ_IKRCY1PV2hUXkaA7-kAc1b0Pw62zfXm7q52nuB1eHBQPI8IXWhXgNxDO-K73Og-Ir-Vw-nus9wNGnNKpvFh6gcyNpeZUE9nyCJgy4ySm5-CkcOeeQfUIez1i9SE3QgAXbfukaHjYkrZzrKCwOPTvmQyv89lJphcvLdzOA9LOF7C-2_w-j3h_2u4U5yhDyzxpBS-xLdwYuV8uQbY0TkMCE3QURk2iSuWMG6pU6nQY1WWR5AHZFyqHcL5-VBN-JfVTi3cfCQtD2q8e4YLgT_YVb6xSZ9DG7uyPO-ooInvwGjw5HH6dDpsenWaWNhuGj3Nrcx_Ve1SSuwjWsWVsgvUk_pEW4pRqvzQvcyCqBPBgZhf5Le72pQ9flT-_TJsU_B1ED9cNm85v2eM_pfkjbc5hCGyRI48d4v5F2B0WzfPTHHWirT_M4wyRCy1GKLXgGiFPKpKlu1HpQ9i58I3n0oCImObZ8pKNc2bAAnJp5ILqiPFA7G2rttCFkUGC8AvUaIET4sDNOwKPErTyLnATLnROzIqdWGQrea7O_1LMkmkfjxDeWQhYtU4eow3zcmViU2Tl8to0KsSPtnluvERGrtnH7Bp2bcxj0xWCniiHbp0jiI3ERRmIMAIAuwj8ADceGnnZVLrOo_eoIVAScXy5qkzBXMWu50ZvqkbE1krp_2hY2muzU8lUGJqenakM6s7SjvHNQoH-zFZQr-HaMFVFhV-jYO_cbsKLQsTz-SVYQ2uB_3eYZfdQPZbbpbatjQJf7xous0fnbTBuTFVfF4-8m7zn3LjXtYPyOltjPlo_Bv21tSOZS65aCpbBE_pdWfqUts1q5UI6ZrPPasrmFuncIbafPYWKP0ghevZwRbA2d6MJLmk62FnOCTBwPwcSeEW-sx_vxIgnDO8J70AdaOaNE9kYDJ3sBzgiA0shOugdiSlC-eig5z7WwPzzNd2Abx2orSu1TZfWpPvi0oWRvVxakb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame A985 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame A985 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57063756&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
8b57f5c72183f4f57244a40680932289376e7d3dac70767d614bff909226e08f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 07 Sep 2023 23:31:40 GMT
content-length
2045
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 460E 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 07 Sep 2023 23:31:56 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame EB1E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3572860629678642372&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3572860629678642372&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
b88c19cf-7af0-4988-bf4d-4d832cb8635d
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 23:31:41 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3572860629678642372&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
138.199.38.133; 138.199.38.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8B42
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KIQCOuOnXadA3vHChOu4h4rHJoU&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KIQCOuOnXadA3vHChOu4h4rHJoU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Sep 2023 23:31:41 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=KIQCOuOnXadA3vHChOu4h4rHJoU&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame BB21
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276230784805632146&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276230784805632146&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 07 Sep 2023 23:31:41 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7276230784805632146&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 2062 		85 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 07 Sep 2023 23:31:41 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230110-FRA
x-timer
S1694129502.636177,VS0,VE88
bridge
cm.adgrx.com/ Frame F44D 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 07 Sep 2023 23:31:41 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-6
Pug
simage2.pubmatic.com/AdServer/ Frame F06A
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 23:31:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 07 Sep 2023 23:31:41 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 2A55
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGQ1hFN0o5THNBQUJTRXgtMDg4Zw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAFCXE7J9LsAABSEx-088g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4675748140497970013&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAFCXE7J9LsAABSEx-088g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4675748140497970013%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4675748140497970013&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAFCXE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFCXE7J9LsAABSEx-088g&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFCXE7J9LsAABSEx-088g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 07 Sep 2023 23:31:41 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFCXE7J9LsAABSEx-088g&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
sync
ads.servenobid.com/ Frame 819A 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=28B6492E-5EA6-422D-8273-13906E0D69FF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.70.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-70-148.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 23:31:41 GMT
mw
mwzeom.zeotap.com/ Frame A985 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=28B6492E-5EA6-422D-8273-13906E0D69FF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:41 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8032bf2978932bb9-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame A985
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=28B6492E-5EA6-422D-8273-13906E0D69FF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=28B6492E-5EA6-422D-8273-13906E0D69FF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=28B6492E-5EA6-422D-8273-13906E0D69FF&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:56 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:56 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=28B6492E-5EA6-422D-8273-13906E0D69FF&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
/
loada.exelator.com/load/ Frame A985
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
Protocol
H2
Server
18.198.69.109 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:43 GMT
server
nginx
server-timing
total;dur=1.000
etag
"643d20dc-0"

Redirect headers

location
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
content-length
0
sync
x.bidswitch.net/ Frame A985
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336725121148145&expires=30&ssp=pubmatic
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336725121148145&expires=30&ssp=pubmatic
Protocol
H2
Server
18.196.138.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-138-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336725121148145&expires=30&ssp=pubmatic
Date
Thu, 07 Sep 2023 23:31:41 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
simage2.pubmatic.com/AdServer/ Frame A985
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2679285247136364601&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2679285247136364601&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 23:31:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2679285247136364601&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 07 Sep 2023 23:31:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame A985 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:41 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8285 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61881787&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
0c12c95139cde51859ce269dd02adcd169dc42b21de5a7a76fb1bf968f3d7896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 07 Sep 2023 23:31:40 GMT
content-length
1457
content-type
text/html; charset=UTF-8
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1694129501660&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1548&pt=2002783584&tz=120&viewable=true&ddast=V8h1UCLAZkLqxunuaHNxDIXFjdPM0PbygAAABgYID-AElsFjOHx-FZyxwz41o0cznWytVotpasNhbTyOVy2XaDISCJzWLm8Dg8a5ljZlyLZi7HWrkazdaS1cZiGrlcLttuMAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AaBgmg6HT7XvV73-90lPs9c4_cr_NKH0y11OtzKv93nljj8brXfrTm67D635GV3y50Ou1t6dD3sbsVusPa7pU67W-Zwq11Ot_Rhd-sedrfa5XTr_HafW_r6uzVG18PuFjndItdb9HLLXXafW-x02H12oelttgMAAACAB_____8QAAAAACIAAAAASAAAAACgEFDh34LABQAAAAAM_____xoAoDhEmOVh99pcl9NB4TaoHU67PwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxRGyoBfkbU1-eSEFwEUYAAAAAFI9NCo9M0gkqFlX-___7rQBcAQAIUIzjzzzIojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaTCjzRBCrhSan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PCO0my5FlNJq4Vg7XbLVyLZejlW2wnHgmI5NjYdue2LKhZdwl2pA-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvszEIvZAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIhjyGAermWe3VrksG7doMNu4Jb7NcK3YrWwe38Y5mRkmbtHrY7rYPCvLyLZFggGHe5E8LdKJbLGbLDYjy2LlsNk2K5PLODENFouJZeMwbUyDiUUs0Zws0onssi_tJsuRZTSauFYO12y1ci2Xo5VtsJx4JiOTY2HblzzGwWrm2a1VLsvGLRrMNm6JbzNcK3Yrm8e3cU5mholb9PqYLjbPyjKy7Ruz5WgxWY6Wo31jthwtJsvRcrTv0Bm-q8_ZqCyrJB-ZaTzu3XI3p0HhMli8P4lpMe3ODqKT7-iUOTzKgs7o9_v9fr_f7_f7_Qat52A2KHy3aV_i7Xl9f5vo-TgYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4pQ-nW-p0uJV_u88tcfjdar9bc3TZfW7Jy-6WOx12t_Toetjdit1g7XdLnXa3zOFWu5xu6cPu1j3sbrXL6db57T639PV3a4yuh90tcrpFrrfo5Za77D632Omw--xC09tsEUsEp4t0InoZTxf1HznEZjhXLJdzzXCu2GxWCQAAAAAAAADAEkwz3QQAAADAyaCGm-FitU4HM5lNBrvVcgFcBGXpAgYBAAAAAADYFXZ5CZl4yGRQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTQBZFPf___8_DgAAgIwcegAAAPT7AAAAAAAAAAD4EeRgNdw_ABVirVar2421Wq2ABLFbTCbw____Hw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vF!nonrv_vA!t45!testmsn_vB!ufm_vG!ufrlt_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6fbeb05c4cc314c1f1f44fe0cc82b1ba5369178b241ef5621d8a4c92dcb44256

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:41 GMT
content-encoding
gzip
server
nginx
machineid
1430
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C1FC
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU35d419bc8c974de7ac1e3822d664f2a9
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU35d419bc8c974de7ac1e3822d664f2a9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 07 Sep 2023 23:31:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU35d419bc8c974de7ac1e3822d664f2a9
pragma
no-cache
server
Tengine
Pug
image2.pubmatic.com/AdServer/ Frame 7A7F
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725121148145
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725121148145
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 07 Sep 2023 23:31:41 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5142336725121148145
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 71F9
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4877306777300480605
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4877306777300480605
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4877306777300480605
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cm
ipac.ctnsnet.com/int/ Frame 5B34 		43 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 07 Sep 2023 23:31:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 09EE
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
42 B
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 23:31:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame AFF6
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=f52eac9065476057/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMVXngjRaUVWTUaVT&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMVXngjRaUVWTUaVT&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=7AicPGkHMVXngjRaUVWTUaVT&gdpr=0&gdpr_consent=
cookiesync
core.iprom.net/ Frame F1EF 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 07 Sep 2023 23:31:41 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-4333d74881cb@version_1.569v2
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame EF57
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=b59ggo74bghr
42 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=b59ggo74bghr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Thu, 07 Sep 2023 23:31:42 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=b59ggo74bghr
lws
20
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
usersync
usersync.gumgum.com/ Frame F2A1 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=28B6492E-5EA6-422D-8273-13906E0D69FF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 07 Sep 2023 23:31:41 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 8285
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1240db71-a3be-4661-87b1-a131e5ccd71d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1240db71-a3be-4661-87b1-a131e5ccd71d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1240db71-a3be-4661-87b1-a131e5ccd71d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 07 Sep 2023 23:31:41 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 8285
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a00ba7ec-3ef6-4149-bfcd-c7e7807c2eb4-64fa5d5d-5858&gdpr=0&gdpr_consent=
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a00ba7ec-3ef6-4149-bfcd-c7e7807c2eb4-64fa5d5d-5858&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 07 Sep 2023 23:31:40 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:41 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=a00ba7ec-3ef6-4149-bfcd-c7e7807c2eb4-64fa5d5d-5858&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3960&_p=686803797&cid=2097357468.1694129495&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1694129496&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzai-jia-yong-bao-mo-sheng-ren-nian-zhuan-170mo-jin-fa-mei-zan-wan-mei-gong-zuo-chuan-di-du-te-neng-liang.html&dt=%E5%9C%A8%E5%AE%B6%E6%93%81%E6%8A%B1%E9%99%8C%E7%94%9F%E4%BA%BA%E5%B9%B4%E8%B3%BA170%E8%90%AC%E3%80%80%E9%87%91%E9%AB%AE%E5%A6%B9%E8%B4%8A%E3%80%8C%E5%AE%8C%E7%BE%8E%E5%B7%A5%E4%BD%9C%E3%80%8D%E5%82%B3%E9%81%9E%E7%8D%A8%E7%89%B9%E8%83%BD%E9%87%8F%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Sep 2023 23:31:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=12611&tvi50=9058&route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230905-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Thu, 07 Sep 2023 23:31:42 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7147
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230073-FRA
pragma
no-cache
server
nginx
x-timer
S1694129502.031658,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
SPug
simage4.pubmatic.com/AdServer/ Frame A985 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 8285 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 23:31:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/8ca2b153d55f20f36eac613f9f9315f7.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ad07ff5ec76cc875a70a514110eda87e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1286d8902ede414051b8f917e865a90b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8cf22d981e9ce9921ff0d821c9e64b07.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202108/1a0088862a004991463f2cb512b6c73d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ce080767c104c399e30b67d967d6944e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/4cc79f0001e1953870ffde5308ed13a8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202305/84e1966da1b8168176251ac49dca1b0f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202206/b7aa831294915ebe084c87d03451e298.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/b6b473fcd36e5f2d887c10519f16c782.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/01ff2b1ba502ae915a79eb7eb5dcffbc.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a2ff524ee19cd82bf257633716864924.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/625789fecd6706240e54f17efc1dbc0c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202011/6b39f486b3345755ae4fd96da406a54d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3280021f18e2be739ee7fff233df3169.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| documentPictureInPicture object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag function| _typeof object| TRC object| _tblConsole undefined| msg function| _statcounter object| adRecover object| AMP function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| $ undefined| jQuery function| jqAlias string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| runAnimCheck string| nam object| placementData undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| gaGlobal number| ampAdSlotIdCounter object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| ucf object| request object| Criteo object| cmTag string| paramsString object| aries object| pbjs object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo_identitytag_141 object| __uid2SecureSignalProvider object| __uid2 object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN function| quantserve function| __qc object| ezt object| _qoptions number| ampAdGoogleIfiCounter number| ampAdPageCorrelator number| vidverto object| aries_registry object| _cm_wfCounters string| lastWfUrl function| IMA function| startCMTagMain string| category function| VidvertoPlayer object| vpbjsChunk object| vpbjs function| inView function| VASTClient object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog boolean| noPreviewPage function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| dataLayer function| gtag object| google_ad_modifications object| google_prev_clients object| google_tag_manager function| onYouTubeIframeAPIReady object| listeningFors number| 3pla object| GoogleGcLKhOms object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| google_image_requests

157 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1694129494.99406B9F22774F5344FA0E9253F56666.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1694129494.0
.statcounter.com/ Name: is_visitor_unique
Value: 1694129494116777347
www.bg3.co/ Name: __AP_SESSION__
Value: 7f0f5237-b500-4c9a-86ea-8ff0f2caec68
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Ddc805f37-ee2c-406c-b738-17efc7c92f0b-tuctbf3e2d6
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 7bd48add-9931-4c91-b933-dfebe99b45d2
.doubleclick.net/ Name: IDE
Value: AHWqTUmB0Yj-qJ2kr5bUZ7cAn8VIqvN17ryRmFtUGfykc5xdhOx5NQkRjtlVV3B04ac
.criteo.com/ Name: uid
Value: eb3cbdb8-11d9-4f1e-ac61-21dc29556b73
.rubiconproject.com/ Name: khaos
Value: LM9SYKHD-T-IVD0
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qri1a5hwwJwBnjc0/aJelRdbjRFtGIHH0sZNJ+y36GMzJMn27XHxvRstfiRKWGu/9Gm6ATd3nYVm2VAW2Rcx8BLIZE5xoQF+eG+xUA9sgf/4dzpQ7vzkXQ/
.bg3.co/ Name: __gpi
Value: UID=00000c7026a54111:T=1694129494:RT=1694129494:S=ALNI_MbLlmS2XvO0d9enPPEJ-FqGjoXk-A
.adnxs.com/ Name: uuid2
Value: 3572860629678642372
.prebid.a-mo.net/ Name: __amc
Value: 2_1694129495_1694129495
.openx.net/ Name: i
Value: c420bf79-bb8d-40b7-a1ec-5d0c5f1286a0|1694129495
.aralego.com/ Name: sspid
Value: 334bdd6c-6a2c-32f9-9e6e-f5c9d850c08a
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYAiACKAIw17rppwY4AkACSAIQ17rppwYYAQ..
ad.vidverto.io/ Name: moxuuid
Value: d54551e7-fb5e-48ea-80ab-e929c889c9fe
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1694215895
ad.vidverto.io/ Name: _mwayss_imp[23242][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23242][frequencyPeriodEnd]
Value: 1694215895
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1694215895
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1694215895
.quantserve.com/ Name: mc
Value: 64fa5d57-7b169-643fe-4bb9e
.casalemedia.com/ Name: CMID
Value: ZPpdV4YSjHrx9Y-tzH4ncgAA
.casalemedia.com/ Name: CMPS
Value: 3259
.casalemedia.com/ Name: CMPRO
Value: 3259
a4p.adpartner.pro/ Name: apuid
Value: d95dd0c8-6f1a-4d86-b192-bdead5062cfd
.bidswitch.net/ Name: tuuid
Value: 37127951-af8f-4ea3-84f4-b623c8bdbfe0
.bidswitch.net/ Name: c
Value: 1694129495
.bidswitch.net/ Name: tuuid_lu
Value: 1694129495
.bg3.co/ Name: __qca
Value: P0-1570509759-1694129495285
ad.vidverto.io/ Name: adpartner
Value: d54551e7-fb5e-48ea-80ab-e929c889c9fe
.aralego.com/ Name: euconsent-v2
Value:
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVUqd]5<!]tbPl1M>e)ZlrFUfJ+tGXxp$KA8[0=9/5kL%I7X?LGE=K.fB+Yvq^23>3#>3If)y3KL9D3I?+z!$RbZ
.doubleclick.net/ Name: APC
Value: AfxxVi41g-veZSwZbvkZIKIZ3vEe_6P_XUOE_HWFet7CkfLPrZzVpg
.yahoo.com/ Name: A3
Value: d=AQABBFhd-mQCECK7ZMZbcMuEuUHnECIUPggFEgEBAQGu-2QEZQAAAAAA_eMAAA&S=AQAAAiHyI5L4wBwtkpTCAZjuN2E
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 97eea2f0-7093-53fb-bd1b-5e3bd9e10363
.betweendigital.com/ Name: ss
Value: 1
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.googleadservices.com/ Name: ar_debug
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A9qWPSxubkobr7RyW2uFl-Q
.linkedin.com/ Name: bcookie
Value: "v=2&564ab9dd-1bb3-40e2-89ed-76310e075e47"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTQxMjk0OTY7MjswMjH5/UN/2OPtLkihxF3RXR8NPuuYOjzeKgXaQFTpBPX2Bw==
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2977:u=1:x=1:i=1694129496:t=1694215896:v=2:sig=AQGp7KkaxTbxd3n87a2YROpyVZ2E3P6E"
ad.vidver.to/ Name: bidswitch_com
Value: 37127951-af8f-4ea3-84f4-b623c8bdbfe0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bg3.co/ Name: _ga
Value: GA1.1.2097357468.1694129495
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1694129496.1.0.1694129496.0.0.0
.bg3.co/ Name: __gads
Value: ID=62854bcfacf7a2f7-226b49f068de00d5:T=1694129494:RT=1694129496:S=ALNI_MZOPZL6jDOOz36NyzVkiTZ6qg_ATg
.3lift.com/ Name: tluid
Value: 278047853627028064272
.adfarm1.adition.com/ Name: UserID1
Value: 7276230784805632146
.simpli.fi/ Name: suid
Value: 1A3B2A862ED443DC9C59B85BA9D3FFE3
.bing.com/ Name: MUID
Value: 33CF772A090967C6239B64AF087E6691
.c.bing.com/ Name: MR
Value: 0
.w55c.net/ Name: wfivefivec
Value: a82YGSY31QEotj5
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: uid
Value: 1733739090128167800
.bg3.co/ Name: cto_bundle
Value: W_KHQ19Fa2hmbGZ5VmxNdDB2cFRYMm1sTllRJTJCbVV1b0N4Sk5aJTJGeXdTaXdtbmpUMnZ6VlFTYURpeG5ORlBURmp1VzBXbmNOMUI2NUdBbGRCM0t5ZUVBbXo4U1BvU3RZSmoyNGFoTGI5ZVRYdGVhZW1XMFFmdWJJeXRFNyUyQmclMkJNY0I1R1V4VVp2dVZ4NDFmdkhKaTNGd0pBWlhiQSUzRCUzRA
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-07T23%3A31%3A38%22%7D
.smartadserver.com/ Name: pid
Value: 4675748140497970013
.servenobid.com/ Name: pid_317
Value: 4675748140497970013
.servenobid.com/ Name: pid_312
Value: 3572860629678642372
.lijit.com/ Name: ljt_reader
Value: HSKjqRZHiwqErkirRbG4O-ZU
.servenobid.com/ Name: pid_333
Value: ZPpdV4YSjHrx9Y_tzH4ncgAADLsAAAIB
.gumgum.com/ Name: vst
Value: e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab
.omnitagjs.com/ Name: ayl_visitor
Value: c1c36605936ea024411bc75398341792
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.creativecdn.com/ Name: ts
Value: 1694129498
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 28B6492E-5EA6-422D-8273-13906E0D69FF
.creativecdn.com/ Name: u
Value: 2mYy9MbVjkLho1MaObdH
.servenobid.com/ Name: pid_309
Value: e_9d2f13f3-cf9c-4432-8d73-8fd722e77dab
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjU0MjQ0sTA0MRXiM9S1SAoJTKoMjnTytkgBADCmqZ8lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjU0MjQ0sTA0MRXiM9S1SAoJTKoMjnTytkgBADCmqZ8lAAAA
.servenobid.com/ Name: pid_310
Value: HSKjqRZHiwqErkirRbG4O-ZU
.quantserve.com/ Name: d
Value: EHsBFQHyKYEO-TD9r7EA
.servenobid.com/ Name: pid_316
Value: 28B6492E-5EA6-422D-8273-13906E0D69FF
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_324
Value: 5142336725121148145
.rqtrk.eu/ Name: browser_id
Value: 1:6d537af1-1399-4966-a769-c316d79f61aa
.weborama.fr/ Name: AFFICHE_W
Value: XG1URgQ90x5c94
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7d12c197adad9f45
.company-target.com/ Name: tuuid
Value: 2d3e8207-cb56-40b8-bda1-a044019df1e6
.company-target.com/ Name: tuuid_lu
Value: 1694129498|ix:0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZPpdWgAOncThHABY
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-OnEKpDkhWfIhcg70OnxB8zh2CqAhcQ6nNSClvCLY&KRTB&19420-OnEKpDkhWfIhcg70OnxB8zh2CqAhcQ6nNSClvCLY&KRTB&22979-OnEKpDkhWfIhcg70OnxB8zh2CqAhcQ6nNSClvCLY&KRTB&23403-OnEKpDkhWfIhcg70OnxB8zh2CqAhcQ6nNSClvCLY
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBeFBqqczCyGHtG3bMUxsfQ&KRTB&23025-CAESEBeFBqqczCyGHtG3bMUxsfQ&KRTB&23386-CAESEBeFBqqczCyGHtG3bMUxsfQ
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1733739090128167800&KRTB&23263-1733739090128167800&KRTB&23481-1733739090128167800
.bidr.io/ Name: bito
Value: AAFCXE7J9LsAABSEx-088g
.bidr.io/ Name: bitoIsSecure
Value: ok
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-2655afde-901b-3cc2-8da9-36e761a51802
.adotmob.com/ Name: uid
Value: 09892204009609dc57dd879c
.adotmob.com/ Name: uuid
Value: 09892204009609dc57dd879c
.adotmob.com/ Name: partners
Value: SMA%3A1694129498741
.go.sonobi.com/ Name: HAPLB8G
Value: s8654|ZPpdX
.servenobid.com/ Name: pid_346
Value: ua-2655afde-901b-3cc2-8da9-36e761a51802
.betweendigital.com/ Name: ut
Value: ZPpdWgALoJANgVeaXaKLW3ROGa5MAN9tY7llcw==
.outbrain.com/ Name: obuid
Value: bc3bde8d-37e3-4445-bb46-50c47b16c4b7
.turn.com/ Name: uid
Value: 2679285247136364601
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003%22%2C%22nxtrdr%22%3Afalse%7D
.ipredictive.com/ Name: cu
Value: 6964e0f5-6bbf-455d-b9e6-f5726177da0a|1694129498891
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2884023a-e3a7-5da7-40de-f1c284ebb887.56qKzykFPTg4jgNhh320nNoHqy%2FQx8ZUt6GiJmN9xc0
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-2884023a-e3a7-5da7-40de-f1c284ebb887.56qKzykFPTg4jgNhh320nNoHqy%2FQx8ZUt6GiJmN9xc0
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKIQCOuOnXadA3vHChOu4h4rHJoU.4v21LScEnLANcKRsSQRmuDbDOO98x91xzteXlwsCpAU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKIQCOuOnXadA3vHChOu4h4rHJoU.4v21LScEnLANcKRsSQRmuDbDOO98x91xzteXlwsCpAU
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBU2XBRwi8Ytm3RiphbxfMzE5gvVXc1TYqF7_zobck6QEHwYBCDauumnBjABOgT_Q_f4QgQ3ZOvk.J23GVpSQALRoA5Br8FbjeCrxsuBPqUaqPYrWd0l9EH0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBU2XBRwi8Ytm3RiphbxfMzE5gvVXc1TYqF7_zobck6QEHwYBCDauumnBjABOgT_Q_f4QgQ3ZOvk.J23GVpSQALRoA5Br8FbjeCrxsuBPqUaqPYrWd0l9EH0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b4a7560b-0320-4864-b124-6d95688a1d0d-003%22%7D
.smilewanted.com/ Name: sw_user_params_infos
Value: Is5ixf%2F9IIiKsBciFWUg6yKLT6atq6Kj1eXHKWS61omIFmcJ4lWnJDpATALRkwvQBIuh9n5uvJRhAg%2FSxChp6YWxO45Fb%2B%2FUTOE2Czsi3sNmhTnqusfo56xEpFKwBs5lY%2Fxjxo%2BOiS2fhcGwOS4yYOR6SGjAC0WvmgOpPBRHjc5ZDu0bI99KKa9TfiFrbQJqv%2BtEEiDiL0pz2rI5flPVKpA8YeKPZES5OLRS0xaMDOIrCsqifUaZXryBYAPN3X9rLXSmjm1YUX2UIb3Mh1f8CIem%2FYztnTrYyzrZbqwEie%2FYXXhoiQdNrL5qxjmDXknX3DzT4u2B%2BT3C%2Be7gjiywWg%3D%3D
.audrte.com/ Name: arcki2
Value: l469NghWHqFTdiavx1f7N-axA!20220908!1694129498951!ip#138.199.38.133
.audrte.com/ Name: arcki2_pubmatic
Value: 28B6492E-5EA6-422D-8273-13906E0D69FF!20220908!1694129498955
.zemanta.com/ Name: zuid
Value: N9JmkYzpgSaJabWXDErs
.audrte.com/ Name: arcki2_ddp2
Value: l469NghWHqFTdiavx1f7N-axA!20220908!1694129499084
.bluekai.com/ Name: bku
Value: ikG99a+5IZu2bhzh
.bluekai.com/ Name: bkpa
Value: KJhzp1+rLA9RQmsgsU43fT4QlyPoPOCQ79sPAxdRB11Ck7QGZzWZKwVBZ0bb4FmXz21BfH0LhKgdK2KTXHrfURo746TPDhUZ73dBHn5Bo2lwRKQBL5RWv9aSnzhTgt4w23qrQ8gPUpzY2saSqzjfEROVN65fDH6OV3Fg+PnN8KDLtCenipzxHA+wCksKmMSU/iFeymsJWcZxteyVBiOybzDtdrAg2wzzH/SovcACTkmy+VxGEQfImijezuhY4XXm47Zu//XkRTi/cJvBp/Ji+hw6uOwzI+cg0tuVhw+XFjxLvxXRm1ym4W0OH8Bp6tFllIHCw7g54S+b5O4Eb4H79wGwUL/=
.audrte.com/ Name: arcki2_adform
Value: 1733739090128167800!20220908!1694129499220
.pubmatic.com/ Name: SPugT
Value: 1694129499
.pubmatic.com/ Name: DPSync3
Value: 1695254400%3A226_219_197_201_245_241_235_227
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3572860629678642372&KRTB&23339-3572860629678642372
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7276230784805632146&KRTB&23369-7276230784805632146
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 0:4
.pubmatic.com/ Name: SyncRTB3
Value: 1695340800%3A35%7C1696636800%3A203%7C1695254400%3A165_233_251_71_220_264_214_54_166_81_249_22_13_3_234_161_46_88_254_8_21_56_55_238%7C1694649600%3A2_15_223%7C1694908800%3A63
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2679285247136364601&KRTB&23150-2679285247136364601
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmliaGRpamBoZmG0igWZb2Z0ShzGN7G0MLU0AwB8vSw-MAAAAA
.zeotap.com/ Name: zc
Value: 974eadfe-412f-408c-5faf-8c89ff88a500
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5142336725121148145
.csync.loopme.me/ Name: viewer_token
Value: 0c06a57d-b919-4a61-8038-c250e6c9b95c
.ctnsnet.com/ Name: cid_a98cf5f8809349f8865dffeb176157a9
Value: 1
.sitescout.com/ Name: ssi
Value: a00ba7ec-3ef6-4149-bfcd-c7e7807c2eb4#1694129501735
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-KIQCOuOnXadA3vHChOu4h4rHJoU&KRTB&23334-KIQCOuOnXadA3vHChOu4h4rHJoU&KRTB&23417-KIQCOuOnXadA3vHChOu4h4rHJoU&KRTB&23426-KIQCOuOnXadA3vHChOu4h4rHJoU
.adx.opera.com/ Name: UID
Value: OPU35d419bc8c974de7ac1e3822d664f2a9
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NDEyOTUwMTc0N30
.smartadserver.com/ Name: csync
Value: 66:09892204009609dc57dd879c|117:c1c36605936ea024411bc75398341792|127:AAFCXE7J9LsAABSEx-088g
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU35d419bc8c974de7ac1e3822d664f2a9&KRTB&23485-OPU35d419bc8c974de7ac1e3822d664f2a9&KRTB&23524-OPU35d419bc8c974de7ac1e3822d664f2a9
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-a00ba7ec-3ef6-4149-bfcd-c7e7807c2eb4-64fa5d5d-5858&KRTB&23418-a00ba7ec-3ef6-4149-bfcd-c7e7807c2eb4-64fa5d5d-5858
.de17a.com/ Name: guid
Value: 1.4877306777300480605
.adsby.bidtheatre.com/ Name: __kuid
Value: 1240db71-a3be-4661-87b1-a131e5ccd71d.463343501
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4877306777300480605
.semasio.net/ Name: SEUNCY
Value: B846E4F316502A2A
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23413-28B6492E-5EA6-422D-8273-13906E0D69FF&KRTB&23505-28B6492E-5EA6-422D-8273-13906E0D69FF
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFCXE7J9LsAABSEx-088g
.pubmatic.com/ Name: PugT
Value: 1694129501
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-7AicPGkHMVXngjRaUVWTUaVT
.onaudience.com/ Name: cookie
Value: 2c2cd286f0c4a15d
.onaudience.com/ Name: done_redirects161
Value: 1
.gammaplatform.com/ Name: _aGeoIp
Value: JP|Shizuoka
.gammaplatform.com/ Name: _aUID
Value: b59ggo74bghr
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-b59ggo74bghr&KRTB&23446-b59ggo74bghr&KRTB&23465-b59ggo74bghr

22 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/4cc79f0001e1953870ffde5308ed13a8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ad07ff5ec76cc875a70a514110eda87e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202305/84e1966da1b8168176251ac49dca1b0f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/8ca2b153d55f20f36eac613f9f9315f7.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1286d8902ede414051b8f917e865a90b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8cf22d981e9ce9921ff0d821c9e64b07.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ce080767c104c399e30b67d967d6944e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202108/1a0088862a004991463f2cb512b6c73d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/b6b473fcd36e5f2d887c10519f16c782.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202206/b7aa831294915ebe084c87d03451e298.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/01ff2b1ba502ae915a79eb7eb5dcffbc.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a2ff524ee19cd82bf257633716864924.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/625789fecd6706240e54f17efc1dbc0c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202011/6b39f486b3345755ae4fd96da406a54d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3280021f18e2be739ee7fff233df3169.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://rtb.openx.net/openrtbb/prebidjs
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/15131076705394902309/index.html".
network error URL: https://cdn.adpushup.com/42753/L2EvemFpLWppYS15b25nLWJhby1tby1zaGVuZy1yZW4tbmlhbi16aHVhbi0xNzBtby1qaW4tZmEtbWVpLXphbi13YW4tbWVpLWdvbmctenVvLWNodWFuLWRpLWR1LXRlLW5lbmctbGlhbmcuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=28B6492E-5EA6-422D-8273-13906E0D69FF&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3262716b395e46bd391e32c00e9a6b1c.safeframe.googlesyndication.com
9aff00bcb337bee312277b9a736fde3f.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
ad4m.at
adpushup-d.openx.net
ads.aralego.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
adsdk.microsoft.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ams3-ib.adnxs.com
ap.lijit.com
b1ab235c9506ba93b6c71fb19f8a7172.safeframe.googlesyndication.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c.statcounter.com
c1.adform.net
cdn.adnxs.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csync.loopme.me
csync.smilewanted.com
d-1986575664913338571.ampproject.net
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ipac.ctnsnet.com
js-sec.indexww.com
loada.exelator.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
wt.rqtrk.eu
www.bg3.co
www.bing.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
static.bg3.co
103.231.174.251
104.123.44.23
104.18.39.155
104.20.218.77
104.22.69.131
124.146.215.42
134.122.57.34
137.74.6.209
138.201.8.249
141.226.224.32
141.226.228.48
141.95.171.142
141.95.32.72
141.95.98.65
142.250.181.226
146.59.148.16
147.75.84.158
15.235.15.221
151.101.129.44
151.101.193.108
151.101.193.44
151.101.194.49
151.101.65.108
152.199.21.70
162.210.196.208
172.217.18.98
172.64.149.180
175.110.113.208
175.110.113.216
178.250.1.9
178.250.7.13
18.194.149.72
18.194.200.250
18.196.138.245
18.198.69.109
18.211.6.208
184.30.16.195
184.30.20.22
185.183.112.148
185.184.8.90
185.255.84.151
185.255.84.153
185.64.190.81
185.86.138.150
185.89.210.122
192.96.203.13
193.0.160.131
195.5.165.20
198.47.127.19
198.47.127.205
2.21.20.202
2.23.197.190
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
208.93.169.131
213.155.156.185
216.52.2.16
216.52.2.6
23.35.229.251
23.56.202.187
23.97.225.52
2600:9000:223c:5200:6:44e3:f8c0:93a1
2600:9000:223f:3a00:1f:4c18:bd40:93a1
2600:9000:225b:5400:a:e047:753:6381
2602:803:c003:200::41
2606:4700:10::6816:1957
2606:4700:10::ac43:266a
2606:4700:20::681a:467
2606:4700:20::ac43:4a81
2606:4700::6810:5714
2606:4700:e6::ac40:c526
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2620:1ec:46::65
2620:1ec:c11::200
2a00:1450:4001:800::2004
2a00:1450:4001:802::2006
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9c
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:26f0:3500:12::1730:179c
2a02:26f0:480:22::1726:62d3
2a02:26f0:480:f::213:7ed6
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:316a:16ef:4691:e00e
3.234.116.116
3.71.149.231
3.76.148.198
34.102.146.192
34.102.163.6
34.107.148.139
34.111.129.221
34.111.131.239
34.120.107.143
34.247.233.198
34.96.71.22
35.186.154.107
35.186.193.173
35.204.158.49
35.214.239.140
35.227.252.103
35.244.159.8
37.157.6.232
37.157.6.233
46.228.164.11
46.228.174.117
51.89.9.254
52.209.147.201
52.210.70.148
52.214.97.78
52.223.40.198
52.28.250.143
52.31.195.171
52.46.128.147
54.146.97.31
54.147.123.103
54.158.55.205
54.239.33.159
54.247.148.218
64.202.112.159
64.74.236.127
69.166.1.35
69.173.144.137
69.173.144.138
72.251.241.204
76.223.111.18
77.243.51.122
77.245.57.72
8.18.47.7
8.2.108.175
8.2.110.24
8.43.72.98
80.77.87.163
81.17.55.109
82.145.213.8
85.114.159.118
95.101.149.35
96.46.183.20
98.98.134.241
99.84.88.2
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
074704404de81b65e6b36ef8376a485e0a896466aabad00e335afd147e6e264d
0884114d5868c68aa6b0556a2e61118ead1c8d7f5b9b7c36bceeda2c73f1b322
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0a48e012bb4285eb4704effa6ce62d6aac888523b52e0deb2a20d0a5b2e7a869
0b2f2bcd94a85b8cde84c5d20eba9baf56334b1315ef35370c577bff28b9853e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c12c95139cde51859ce269dd02adcd169dc42b21de5a7a76fb1bf968f3d7896
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0eabf223abecabda52f55a16a73a20e2465beacb8811cdb8d129b4e8378937b6
0fe2b906c42023a02cb9c0dca7cec8a4169930a7b602e206c204af65c8c53b3d
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
11d867fbb38bbaca59c05281bdd91fa84ec6f42bd59b1264bfdd61fd9f85df62
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13145054ee259cef974c0ac8e763233d340561960537be935b505ec2abdadc49
13c151da3c1ba1beea84e45b9a7f92f2b553c26c07615626a55745d5595cd42f
14f104399d8359196a887ad10bc714038ce3a7128ad96b05bbbfdc556d4bbe39
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1677c99fd5ad242c20e424a39aa36f878c209f41e929062741d44e01d855f00b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6
18ce5dea8d9fab5758d9640c2a8872cbab808655d34bee0f193831bddc4cb1be
1bd79c76542de307f390d6dcf3a77a29f05c4b7a6dbadd6fcbdfd30f90406547
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1da8c9de4dd18fb2f600f2aaabe17fba093ff3e313b073bc5099775744e9590d
1e0ef6c597f965ce39c4f1ee84c911c3ce3c47917b1f9aa78a30bb3c29091345
1ec86c153f1c6b1aecdad927bfded4a00d69c82401e27dfb334e3a1071e4425c
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21519ccfe0562dab6ade862000b043394dbf8dbdbdd5aae97083580bb57d2c69
21691b08b99d19871b8fd7eea6da00c94347b9dac763480b810abefc35f6a474
21ab0a70ab4f0cabf7a0dc2bad514ab4d679f5b9d664ebb0183ff1cb41202a6a
242c5465ba8b3bbf233eb01f0aa4d6dc554007e6a0e6ab73d13ac35b2f02ec10
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26ebac8b8d1247e5aa00ec53cd97a110c0b1edd887362c6d25ddab4570bb79f8
26f53181978b273915caf52ede12168abd6685f9e56acbc985ed2415cfd779d6
27217d62d4d71324190a07fbcecb2f32d60c39205941ea47dfdf2489f9e890e2
2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c
27b573dbfea6334a0044c549212a037b6e54491aac4b145f0da2643508e85b55
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ea816697c59eb2a705dd2a0d1a768eef5a2ee301be963fd835a18f7d9f2ceb3
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f06e995e4dc83d1edb761524da0dcf7bd79b0cd59a575850194b66c3a61796f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3216e63497554ee61f387175cc33f2893c79366810e4e537303c60b55799634f
32d341cafae9d77152167d8d98e58c397cd1ed57afdd6311216a6afd2cc61a48
358f7440b9173bc11ae41208ecef4414a4f0e9c2a9476668171727bf619801ce
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37c057da86439d17d3c65a2daae1cba3b39774a0df35d50b6f883e3712fa9e73
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f6d6277ab06b5e13778a38618449775d36fcc5ca8962b4085459451f773e992
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401090c146656a3119d8f7b8b595547af167f06680fbd8e9db0c0cf95bcd7401
41b2fb11815c5444932aa8b5d0478e62b2261712dfe45f93e1ce546c4f8b7033
41c27c188f66867b74a7f83586eaa980dcba24fb1dc9cd301f6bf0ea6a8604e8
42972833f3cd3e67adf2a2d107f2982a6901d6ed8b5b379d8822d18ca67b036e
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448d8331b893bad2557553ed57d43d5f2baedcac7134996522bb2315ea7030f6
45374cef866649e18d61776a69762db195b302284c67be04c874359fa8967345
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4706274d0de4c2a37ae6c65928650b9d797ec347a4c5dab6446912a28920a9e6
4742d841247706ded62d8e6d6c81b79fd12a98489a61bbc82cb30fe9483b886f
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
47f58a924e2dea4166088dcbe825c4e68f56d5182f8d40079e603f26008b7dc8
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5a009cb966477a65fc95561fbd24f5e27be6cd4ebf966ab8b4a259e7575791
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dd0d73d5ecadb5b80d3e5a901564b14a90d3436e11f860795ab53098f24b1b7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507659079246386a573bc25ae2c24090adabe089f65f34e98f31233e6c27e650
52221357abe53db1d45fde755989c33ac434a551b8c84288c18a486d6ddd9135
5302bfe1d93dd4e0efef96171eda6cc8a0a07b18d1ed21d428db1e49c397d33b
537d58d06cdb948ddbed0541b769fab7e240bf3a3f8aeff4d199d3bd26a0b91f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
540dfacb5653359db263f2d751b3494596b42b5acae30bc379eec33e87ed40bc
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5511ee4877839cc14442cd4c83ab66c8e8bf88e6346a512b7dec5993af276d9a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55cb2ae51a6191c5c7e6926d031ac9c1782416b1e31fa5ccd8fcbcc2cddfdb7b
562237d231790f4eab1ddfb16605e6f1e7b13766636c6dd7644b9428b8f5db4b
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
58f58d750915af5cdbdb6fd74c754c2ee38b68432de3925e7888b4c2ce1d3693
599645e72040955c480e59dcf08c70f42da9034396003590b62bf0c7bc9aefa4
59c0eee45d147d68a40864deb144f07fe8f427b8b17691b8b1e1c32c6f2eeb42
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ded1a015f8d53c1c8d8c044f80e0d35d000c5cd2151a339807f148d7441273
659c04daa2a54bef52f7966dc3500b8e702c6c8cd1c4a3bf5516234d3fb10a74
662386ae332c263dc00580ac485b0fcd4f7cd139534efa33cea2efc07b0e3046
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
665ee1d8b38a3b07d74b37a1ef371fd575e3303e6b42458ecda58cd3c3a4b7f4
66b5096346094807a758c1a3405d05a9d96ce93ac76d201d7028d0a4121bb233
68c9b585e4b7bed0162034533ab90f9a0c90d308b059fddc9a21a483c6d065ab
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6cfcd73faecf75e14b42ceb90b336429b58eea341602fc6da36f4f6670c0e8de
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6dc8149f3046ad263214f23ecd2305253c6836e3f14277a5b1f90daa35d25e52
6fbeb05c4cc314c1f1f44fe0cc82b1ba5369178b241ef5621d8a4c92dcb44256
71367f94c1b70e405665a960650d544ac4eda6ff628ae206d5826766dc674e96
71736625c897f816fc0e333aa593e0ccb7f51bfeb2e7ec76906faa4948bb72aa
71e375d5444b117a25725466b97c277c7b7243523340f8ace4c58ad259f28982
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7473ff09b8a826454a8134b4bf6480eebddf2472895fdebb7beb890370041610
74ef1dc879279b310d54c27709e0b28aa7d18b1f7c23b4f1733b03047d538f2c
751713ddeb5b0f39cdae9ac0d8784fd2287a8777acd9d212ee79968c17aa6dde
753fb7920f24cc72426ef9369c1d7e599f0266c6e25630703d9bbeaba470c963
7605b3f82549b5a4fde77fde2ae25e475377631a74efa4b6cae48e927b0d83c7
7a0f211dea31b4184dea7c5bbd8a8092b9fa6097c101cb11916af66937194cae
7bc9a725bf6c833672ef4dcba2d2519271918b9dc6a1025de78abaa552152ffd
7bf56e3c02ae7bf9b9a214070a6828838ec3a3205a5decd6b70e29a73194c56e
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
7d77229f869546d4dc712c44c3d9853c514266ed85d023de0e24b5c0eecffcb9
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f9595e3aa6b60c1fc36a8494200ea88afd505428539868293a6793d13fc80ad
828ee434cf8789978395f738b0bf4702de182cda07727e654d8bffa83750c875
82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83080dd98c9b6f663826528f01fbdb912fcfc91e709dc0628650d9f3cd7d0b42
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8443e5d0db8e740895d4feefd5cef826c0375ca49c710bbe9c6b0aec499515ea
84ebdf1d74f506b0dbbe946fb92f71a305aca260cef7e1121132c67c6d746407
851e04ab30d3036701fa3d2b2a3db761579f1319cda0819efb17a2d7cf3a2862
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a19cf541c608e091827fee56384a9254d7c3f332e5be5df05e8f341effcfb37
8b57f5c72183f4f57244a40680932289376e7d3dac70767d614bff909226e08f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da16786a2dbff71148a948ff73a6e703df5c1d5dc6b4b0792c4f49a2eb17c1a
91204a8bd4e862e8861aa1eabfcabd5ea36be2a8aa415c810eb8231c65040a67
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9327a76a2b72156aab87830e2fc6dd2ec695f4e1a7fb51fa22548226129c1141
9390e1e88f89bc0da04f7470af886eebe18369d60fcba68bd9776eabb857b724
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
946f1da9df8e22db61c01040f23bc327195e43772dfdd05502e8cc9930199905
94d4afc126f898f93a1429fe9614d32b33097af10fd4bd1d7d96c4fc3c0c28bc
94fbae877ac9ccf349fb9534c36b97a6e6bb6adeba86ea4cc285842b560e16cd
9621f10624aea76282045e62bf911a536643165bfc8bf7b0992d23b2e5f94767
9647dc8943014798bcedb3f9859714f09c6b0c8adff125a308c5dabd184741c6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c556047adff7d1633b7c2c6167eb1bda53040945c844941156248ece8d3996e
9d50ea00b1ad0900713ccbd2e79bb4a44227925dccd426e5bdf6061ea01abd3f
9da2d7a84e76c27b93b2c4cacf7d94664404afa4c832a51b61516c3e510467c8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a042db05b3deb9bc8f9219d7789eab00b3abb930f5a9baeb5901da6a8619a4bb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a2c0b56e48f5c453c09b9229d70e9e85aead182f70b1ff39245061bf60af6bc0
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a61b789d05893d4667d3b5872e4034e5fa751f7b78aa54ba6f9b986d5efc8445
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a6efc7293aa79688be8380e99578521f8de14714b6390605b33a2a829bf09abb
a73d2e9ef4240942463b620e0e5b732f11084447933bb76a0b011e5d76640a7c
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a95e1c484ca423edc8c702ed9c3573db515a247f39450c3103bd1c94df043d83
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ab26e5fdc70f81dec778eb313ee86ff75d9f2c539e406790c1ca3e664838f1be
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
adde0393fd093085ac684eac270c149bc04554c4beb2c40c4d8e4be94d614104
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
af93646126dea6cacd97c688ce5de518b1d264ebd1774efbc879072e2759e93b
afeb2fa54ff0c7f506e29ae5b8d60781b1adaadd73de27375d27f06b2f5851ee
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02a3ddd8fd97c57e698963bcb82f8d98ded2109db4db4d126e560c71f9c04c2
b0f780d05f1b7c9c3252d8f51a6a3cbd68024f21f5cda25d2ab072b632c3b43e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19226cc2de5fc76b98a1e3b1c72f90f202f999b7bb6233d179d0425b41af37d
b2667c5a21fcde467613da8c09a1137467ff3ddbefd3cd4a8cc9f1b794524fba
b5cd738185f5f7a90b7607716666da8e79092a8259d6c6d182301975400e2b13
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b9816825e57948e875d16d7ca82162b33a5ae91aef1a8b371e100b45e8d342fd
b9b8d6d316f3861ba3e0f8c554b96a7adcdd1112faf0ec641be590c551f1c65e
b9d5fa4f593a0af41ecef37a393b5d14e1e0efce57c2b2f6ab885d30bce1e179
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe272c4f96cd19153b4326300be698d9e711932c2ad5ca41f2e44baed48a26b
bca0bc1800b46a9fcb03c5949f5e4cef09fe3b7db5bfb3f5f8440f1d41caac1d
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bfb968ff7ebcfc502af4bee0e5b4fce1b3ddfc29b883947aa18737c7ddf4dc05
c1a4eccb8271a8e67ffe9befa842615d908a9e24b93aad83569963efba6e3f51
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3b470e24e920efb25660416e20862c20d4df90f16b45bf3404cadf395724269
c44e080ef80f83f7fc346253431046ff2bfe10ff0762acc1c247be5e169547ea
c4a5d78fcc94b997024e3c1fb9205df512836b208e877b08eaf6e4cecb6b7566
c4e396f55d8fc25edc750178a50f3e5a7e8814a2cecc35eedffdfaa4909944b8
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
cb36969ede7ffc5ea92b56a7aaf258231b1291c5edfa452c631dbe0634f802f6
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
ce6f06015168e31dd14b37289cbf8dd97b8dba45f083b0c9a7bf9ae365d97090
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fd6811d500fe92c65cbfd7fa38894b00d82f4493616404459f68177373dd6c
d18f46dd86d96774452a5226cb7cd290eb7a134c5ea386e71dfd2d39005d9619
d210c1e42e4c70a5084e5ffd2c4c8cee40d462c233e2e78ab909f594aa5350f0
d28bda55c40c5770fc9daddaf9b0a1ac52882cf738395dfdbe5bf97f5f7a22a0
d2c826e69e9064b3bbaf8c82fca27f76762936cab8d3704388c5f560b56f82fc
d4ddee8fa570c3e4ffdcc04363807d0455d1004833bc3b2c7e91cdc7994af687
d83a6dc38bfcc4b497f1f3bad29fffa808e32fde691bf203da0c33f561368b6e
da30704f42357c94856428934e7e8e95fc2f44e13c1c2afa2bded802c55e9271
da4d15a075083deab119ac64cc68d7a0996206e311178cb2cc7a327b9ee274f1
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dec72d8ffde45ba5c97dfb1b61678076272e578d138e4fe9f257677bb71c7147
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e016d3df93459256a6fe9e8138adba21bfba1589672c6149fb5bbde470580c20
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4d19bb4691e512d5d012ed02270e094b6ebbae4aa998ed6611456b068eb3471
e5007811785868b961ce455789e0231b9c66e0c6fb94d13ecbe05af13bbead0d
e601afefb34b574d784d44a6ee43b64689759029852375f9f217a46e75a67fb1
e6b7babf84ce7797789a5680401cb436cdc9118988848a158ca54418412d1083
e8517713001e5083fb8174129e1528acf517537757c5752fda8a6c03af12aafd
e872af508f6b0e229926d4369e6a2b84a10ff5342894601aad7d554c816d632e
e9319b91271da436d4722a439f7519eb7b61310bda55e0b1e8899f1396fb6ae6
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee2531f39552d8127ca5d2937bd2e546780c00ee8ea0c41a185fe959ca57dddd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04a42cbe9a6dd17d6cf3d91423b737b86978d0e6c89af47c15eb483b95dd03c
f149685a7ee57be9021e9195fe13705d2656c54b066f08be7c06a22c91b30585
f1511f10d2b457048f36c9ee9f39c5f211c0ab19e5018724488e35ced93d4d72
f27590061c575f97cf4cde076c67fec6f30d0922dd27b72ffa9127f561de95a3
f350967c95d52a5b2ef0c198acc3ae8192576d3fd96c6804716a16edee8faa03
f3dd78e0450042df868691cc1a087da5167ee3612b06a592a91d7cc891fa6df6
f56c9c9f83cdcc19457c5a84693ace60215d1a4933a4b1496dcee9f15eb55b14
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8db7492d2400c3e79857b0b5842a1da46a4a8c6a5c28626a38f227b317b9c10
fb0a1661619f113bd81a1d7e90fb225a7816e5ea1af1320b1ef570ce0b776fae
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0
ffe7641077fd6a0889ace0490c776cb6fa3688892ad8595383af364a255756c5